| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 'JS/RunForest.B' eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.09.2012, 14:20
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  'JS/RunForest.B' eingefangen Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
FF - user.js - File not found
O3 - HKU\S-1-5-21-3913258400-2781748711-3090433421-1000\..\Toolbar\WebBrowser: (no name) - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1824f9f9-e5e3-11e0-80d0-14dae910fa26}\Shell - "" = AutoRun
O33 - MountPoints2\{1824f9f9-e5e3-11e0-80d0-14dae910fa26}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
@Alternate Data Stream - 253 bytes -> C:\ProgramData\TEMP:157E1AD3
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
18.09.2012, 22:07
| #17 |
 | 'JS/RunForest.B' eingefangen Hallo!
__________________Alles ausgeführt. Mal schaun...... Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3913258400-2781748711-3090433421-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4A1C6093-14F9-44D7-860E-5D265CFCA9D9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A1C6093-14F9-44D7-860E-5D265CFCA9D9}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1824f9f9-e5e3-11e0-80d0-14dae910fa26}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1824f9f9-e5e3-11e0-80d0-14dae910fa26}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1824f9f9-e5e3-11e0-80d0-14dae910fa26}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1824f9f9-e5e3-11e0-80d0-14dae910fa26}\ not found.
File H:\LaunchU3.exe -a not found.
ADS C:\ProgramData\TEMP:157E1AD3 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
D:\user\Downloads\cmd.bat deleted successfully.
D:\user\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin_Konto
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: user
->Temp folder emptied: 17524422 bytes
->Temporary Internet Files folder emptied: 1481050 bytes
->Java cache emptied: 3203699 bytes
->FireFox cache emptied: 989584528 bytes
->Flash cache emptied: 99873 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 207072 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 965,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.5 log created on 09182012_225928
Files\Folders moved on Reboot...
C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
19.09.2012, 15:32
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
19.09.2012, 20:34
| #19 |
| | 'JS/RunForest.B' eingefangen Hallo! Danke für die andauernde Hilfe! Hier das LOG: Code:
ATTFilter 21:11:15.0332 1540 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:11:15.0516 1540 ============================================================
21:11:15.0517 1540 Current date / time: 2012/09/19 21:11:15.0516
21:11:15.0517 1540 SystemInfo:
21:11:15.0517 1540
21:11:15.0517 1540 OS Version: 6.1.7601 ServicePack: 1.0
21:11:15.0517 1540 Product type: Workstation
21:11:15.0517 1540 ComputerName: USER-PC
21:11:15.0517 1540 UserName: user
21:11:15.0517 1540 Windows directory: C:\Windows
21:11:15.0517 1540 System windows directory: C:\Windows
21:11:15.0517 1540 Running under WOW64
21:11:15.0517 1540 Processor architecture: Intel x64
21:11:15.0517 1540 Number of processors: 6
21:11:15.0517 1540 Page size: 0x1000
21:11:15.0517 1540 Boot type: Normal boot
21:11:15.0517 1540 ============================================================
21:11:15.0940 1540 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:15.0956 1540 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:15.0956 1540 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:15.0961 1540 ============================================================
21:11:15.0961 1540 \Device\Harddisk0\DR0:
21:11:15.0961 1540 MBR partitions:
21:11:15.0961 1540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:11:15.0961 1540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
21:11:15.0961 1540 \Device\Harddisk1\DR1:
21:11:15.0961 1540 MBR partitions:
21:11:15.0961 1540 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
21:11:15.0961 1540 \Device\Harddisk2\DR2:
21:11:15.0961 1540 MBR partitions:
21:11:15.0961 1540 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
21:11:15.0961 1540 ============================================================
21:11:15.0962 1540 C: <-> \Device\Harddisk0\DR0\Partition2
21:11:15.0983 1540 D: <-> \Device\Harddisk1\DR1\Partition1
21:11:16.0009 1540 E: <-> \Device\Harddisk2\DR2\Partition1
21:11:16.0009 1540 ============================================================
21:11:16.0009 1540 Initialize success
21:11:16.0009 1540 ============================================================
21:13:20.0653 3584 ============================================================
21:13:20.0653 3584 Scan started
21:13:20.0653 3584 Mode: Manual; SigCheck; TDLFS;
21:13:20.0653 3584 ============================================================
21:13:20.0731 3584 ================ Scan system memory ========================
21:13:20.0731 3584 System memory - ok
21:13:20.0731 3584 ================ Scan services =============================
21:13:20.0778 3584 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:13:20.0825 3584 1394ohci - ok
21:13:20.0841 3584 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:13:20.0841 3584 ACPI - ok
21:13:20.0856 3584 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:13:20.0872 3584 AcpiPmi - ok
21:13:20.0872 3584 [ 63AD9BC2E08F834DAA7C2620410EE316 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
21:13:20.0887 3584 AcrSch2Svc - ok
21:13:20.0919 3584 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:13:20.0919 3584 AdobeFlashPlayerUpdateSvc - ok
21:13:20.0934 3584 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:13:20.0950 3584 adp94xx - ok
21:13:20.0950 3584 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:13:20.0965 3584 adpahci - ok
21:13:20.0965 3584 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:13:20.0981 3584 adpu320 - ok
21:13:20.0981 3584 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:13:21.0028 3584 AeLookupSvc - ok
21:13:21.0028 3584 [ B794DD8ACC5CC76177156463DAB4BEBB ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
21:13:21.0059 3584 afcdp - ok
21:13:21.0075 3584 [ A07F038B7A28C439ACCDA9CC46EB999F ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
21:13:21.0121 3584 afcdpsrv - ok
21:13:21.0137 3584 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:13:21.0153 3584 AFD - ok
21:13:21.0153 3584 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:13:21.0153 3584 agp440 - ok
21:13:21.0168 3584 [ 8B6625D53C18774F0102F690E285B5E8 ] AiChargerPlus C:\Windows\system32\DRIVERS\AiChargerPlus.sys
21:13:21.0168 3584 AiChargerPlus - ok
21:13:21.0168 3584 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:13:21.0184 3584 ALG - ok
21:13:21.0184 3584 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:13:21.0184 3584 aliide - ok
21:13:21.0199 3584 [ 9C616BA191B80F5CD1A1B9553E107100 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:13:21.0215 3584 AMD External Events Utility - ok
21:13:21.0215 3584 AMD FUEL Service - ok
21:13:21.0215 3584 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:13:21.0215 3584 amdide - ok
21:13:21.0231 3584 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
21:13:21.0231 3584 amdiox64 - ok
21:13:21.0231 3584 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:13:21.0246 3584 AmdK8 - ok
21:13:21.0293 3584 [ 5165E83751B8FF40E5E4925996FCC506 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:13:21.0402 3584 amdkmdag - ok
21:13:21.0402 3584 [ 86AB3CF484260C4318F3A6E8B035F422 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:13:21.0418 3584 amdkmdap - ok
21:13:21.0418 3584 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:13:21.0433 3584 AmdPPM - ok
21:13:21.0433 3584 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:13:21.0433 3584 amdsata - ok
21:13:21.0449 3584 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:13:21.0449 3584 amdsbs - ok
21:13:21.0449 3584 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:13:21.0465 3584 amdxata - ok
21:13:21.0465 3584 [ 2FBB00A7616106B95104574C6CD640C2 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
21:13:21.0465 3584 amd_sata - ok
21:13:21.0480 3584 [ 87D0D7645CB0D53220649BD5FE15D93E ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
21:13:21.0480 3584 amd_xata - ok
21:13:21.0480 3584 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:13:21.0496 3584 AntiVirSchedulerService - ok
21:13:21.0496 3584 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:13:21.0496 3584 AntiVirService - ok
21:13:21.0511 3584 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:13:21.0511 3584 AODDriver4.01 - ok
21:13:21.0511 3584 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:13:21.0511 3584 AODDriver4.1 - ok
21:13:21.0527 3584 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:13:21.0574 3584 AppID - ok
21:13:21.0574 3584 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:13:21.0605 3584 AppIDSvc - ok
21:13:21.0605 3584 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:13:21.0621 3584 Appinfo - ok
21:13:21.0636 3584 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
21:13:21.0636 3584 AppMgmt - ok
21:13:21.0636 3584 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:13:21.0652 3584 arc - ok
21:13:21.0652 3584 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:13:21.0667 3584 arcsas - ok
21:13:21.0667 3584 [ FB03A917C1294D3E6D671F24722E1BA3 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
21:13:21.0683 3584 asComSvc - ok
21:13:21.0699 3584 [ A63173897EA1A73A75D0E65036DE5B15 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
21:13:21.0699 3584 asHmComSvc - ok
21:13:21.0714 3584 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
21:13:21.0714 3584 AsIO - ok
21:13:21.0714 3584 [ 954950D11ADA98AC1B7EE3C770E4622C ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
21:13:21.0730 3584 asmthub3 - ok
21:13:21.0730 3584 [ 01DBB05DB1DB95803E3C9F2B49AFE79C ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
21:13:21.0745 3584 asmtxhci - ok
21:13:21.0761 3584 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:13:21.0761 3584 aspnet_state - ok
21:13:21.0777 3584 [ 5C31DFB196CB3A488A041881634D86D2 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
21:13:21.0777 3584 AsSysCtrlService - ok
21:13:21.0792 3584 [ 1392B92179B07B672720763D9B1028A5 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
21:13:21.0792 3584 AsUpIO - ok
21:13:21.0792 3584 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:13:21.0808 3584 AsyncMac - ok
21:13:21.0823 3584 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:13:21.0823 3584 atapi - ok
21:13:21.0823 3584 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:13:21.0839 3584 AtiHDAudioService - ok
21:13:21.0839 3584 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:13:21.0870 3584 AudioEndpointBuilder - ok
21:13:21.0870 3584 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:13:21.0901 3584 AudioSrv - ok
21:13:21.0901 3584 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:13:21.0917 3584 avgntflt - ok
21:13:21.0917 3584 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:13:21.0917 3584 avipbb - ok
21:13:21.0933 3584 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:13:21.0933 3584 avkmgr - ok
21:13:21.0933 3584 [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys
21:13:21.0948 3584 avmaudio - ok
21:13:21.0948 3584 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:13:21.0964 3584 AxInstSV - ok
21:13:21.0964 3584 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:13:21.0979 3584 b06bdrv - ok
21:13:21.0979 3584 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:13:21.0995 3584 b57nd60a - ok
21:13:21.0995 3584 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:13:22.0011 3584 BDESVC - ok
21:13:22.0011 3584 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:13:22.0042 3584 Beep - ok
21:13:22.0042 3584 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:13:22.0073 3584 BFE - ok
21:13:22.0089 3584 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:13:22.0104 3584 BITS - ok
21:13:22.0120 3584 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:13:22.0120 3584 blbdrive - ok
21:13:22.0120 3584 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:13:22.0135 3584 bowser - ok
21:13:22.0135 3584 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:13:22.0151 3584 BrFiltLo - ok
21:13:22.0151 3584 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:13:22.0167 3584 BrFiltUp - ok
21:13:22.0167 3584 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
21:13:22.0182 3584 Browser - ok
21:13:22.0198 3584 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:13:22.0198 3584 Brserid - ok
21:13:22.0213 3584 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:13:22.0213 3584 BrSerWdm - ok
21:13:22.0213 3584 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:13:22.0229 3584 BrUsbMdm - ok
21:13:22.0229 3584 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:13:22.0245 3584 BrUsbSer - ok
21:13:22.0245 3584 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:13:22.0245 3584 BTHMODEM - ok
21:13:22.0260 3584 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:13:22.0276 3584 bthserv - ok
21:13:22.0276 3584 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:13:22.0307 3584 cdfs - ok
21:13:22.0307 3584 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:13:22.0323 3584 cdrom - ok
21:13:22.0323 3584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:13:22.0338 3584 CertPropSvc - ok
21:13:22.0354 3584 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:13:22.0354 3584 circlass - ok
21:13:22.0369 3584 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:13:22.0369 3584 CLFS - ok
21:13:22.0385 3584 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:13:22.0385 3584 clr_optimization_v2.0.50727_32 - ok
21:13:22.0401 3584 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:13:22.0401 3584 clr_optimization_v2.0.50727_64 - ok
21:13:22.0401 3584 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:13:22.0416 3584 clr_optimization_v4.0.30319_32 - ok
21:13:22.0432 3584 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:13:22.0432 3584 clr_optimization_v4.0.30319_64 - ok
21:13:22.0432 3584 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:13:22.0447 3584 CmBatt - ok
21:13:22.0447 3584 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:13:22.0463 3584 cmdide - ok
21:13:22.0463 3584 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:13:22.0479 3584 CNG - ok
21:13:22.0479 3584 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:13:22.0494 3584 Compbatt - ok
21:13:22.0494 3584 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:13:22.0494 3584 CompositeBus - ok
21:13:22.0510 3584 COMSysApp - ok
21:13:22.0510 3584 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:13:22.0510 3584 crcdisk - ok
21:13:22.0525 3584 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:13:22.0525 3584 CryptSvc - ok
21:13:22.0541 3584 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
21:13:22.0557 3584 CSC - ok
21:13:22.0557 3584 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
21:13:22.0572 3584 CscService - ok
21:13:22.0588 3584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:13:22.0603 3584 DcomLaunch - ok
21:13:22.0603 3584 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:13:22.0635 3584 defragsvc - ok
21:13:22.0635 3584 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:13:22.0666 3584 DfsC - ok
21:13:22.0666 3584 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:13:22.0697 3584 Dhcp - ok
21:13:22.0697 3584 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:13:22.0713 3584 discache - ok
21:13:22.0728 3584 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:13:22.0728 3584 Disk - ok
21:13:22.0728 3584 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:13:22.0744 3584 Dnscache - ok
21:13:22.0744 3584 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:13:22.0775 3584 dot3svc - ok
21:13:22.0775 3584 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:13:22.0791 3584 DPS - ok
21:13:22.0806 3584 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:13:22.0806 3584 drmkaud - ok
21:13:22.0822 3584 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:13:22.0837 3584 DXGKrnl - ok
21:13:22.0837 3584 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:13:22.0869 3584 EapHost - ok
21:13:22.0884 3584 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:13:22.0931 3584 ebdrv - ok
21:13:22.0931 3584 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:13:22.0947 3584 EFS - ok
21:13:22.0947 3584 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:13:22.0962 3584 ehRecvr - ok
21:13:22.0978 3584 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:13:22.0978 3584 ehSched - ok
21:13:22.0993 3584 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:13:22.0993 3584 elxstor - ok
21:13:23.0009 3584 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:13:23.0009 3584 ErrDev - ok
21:13:23.0025 3584 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:13:23.0040 3584 EventSystem - ok
21:13:23.0056 3584 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:13:23.0071 3584 exfat - ok
21:13:23.0071 3584 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:13:23.0103 3584 fastfat - ok
21:13:23.0118 3584 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:13:23.0118 3584 Fax - ok
21:13:23.0134 3584 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:13:23.0134 3584 fdc - ok
21:13:23.0134 3584 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:13:23.0165 3584 fdPHost - ok
21:13:23.0165 3584 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:13:23.0181 3584 FDResPub - ok
21:13:23.0196 3584 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:13:23.0196 3584 FileInfo - ok
21:13:23.0196 3584 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:13:23.0227 3584 Filetrace - ok
21:13:23.0227 3584 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:13:23.0243 3584 flpydisk - ok
21:13:23.0243 3584 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:13:23.0259 3584 FltMgr - ok
21:13:23.0259 3584 [ E94E042BC24BB301767A8125D529B705 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
21:13:23.0274 3584 fltsrv - ok
21:13:23.0274 3584 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:13:23.0290 3584 FontCache - ok
21:13:23.0305 3584 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:13:23.0305 3584 FontCache3.0.0.0 - ok
21:13:23.0305 3584 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:13:23.0321 3584 FsDepends - ok
21:13:23.0321 3584 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:13:23.0321 3584 Fs_Rec - ok
21:13:23.0337 3584 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:13:23.0337 3584 fvevol - ok
21:13:23.0352 3584 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:13:23.0352 3584 gagp30kx - ok
21:13:23.0368 3584 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:13:23.0383 3584 gpsvc - ok
21:13:23.0399 3584 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:13:23.0399 3584 hcw85cir - ok
21:13:23.0399 3584 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:13:23.0415 3584 HdAudAddService - ok
21:13:23.0415 3584 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:13:23.0430 3584 HDAudBus - ok
21:13:23.0430 3584 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:13:23.0446 3584 HidBatt - ok
21:13:23.0446 3584 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:13:23.0461 3584 HidBth - ok
21:13:23.0461 3584 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:13:23.0461 3584 HidIr - ok
21:13:23.0461 3584 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:13:23.0493 3584 hidserv - ok
21:13:23.0493 3584 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:13:23.0508 3584 HidUsb - ok
21:13:23.0508 3584 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:13:23.0524 3584 hkmsvc - ok
21:13:23.0539 3584 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:13:23.0539 3584 HomeGroupListener - ok
21:13:23.0539 3584 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:13:23.0555 3584 HomeGroupProvider - ok
21:13:23.0555 3584 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:13:23.0571 3584 HpSAMD - ok
21:13:23.0571 3584 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:13:23.0602 3584 HTTP - ok
21:13:23.0602 3584 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:13:23.0617 3584 hwpolicy - ok
21:13:23.0617 3584 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:13:23.0617 3584 i8042prt - ok
21:13:23.0633 3584 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:13:23.0649 3584 iaStorV - ok
21:13:23.0649 3584 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:13:23.0664 3584 idsvc - ok
21:13:23.0664 3584 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:13:23.0680 3584 iirsp - ok
21:13:23.0680 3584 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:13:23.0711 3584 IKEEXT - ok
21:13:23.0742 3584 [ 589B94A9B73A0E819FF873743A480834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:13:23.0773 3584 IntcAzAudAddService - ok
21:13:23.0773 3584 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:13:23.0773 3584 intelide - ok
21:13:23.0773 3584 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:13:23.0789 3584 intelppm - ok
21:13:23.0789 3584 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:13:23.0820 3584 IPBusEnum - ok
21:13:23.0820 3584 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:13:23.0836 3584 IpFilterDriver - ok
21:13:23.0851 3584 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:13:23.0867 3584 iphlpsvc - ok
21:13:23.0883 3584 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:13:23.0883 3584 IPMIDRV - ok
21:13:23.0883 3584 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:13:23.0914 3584 IPNAT - ok
21:13:23.0914 3584 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:13:23.0929 3584 IRENUM - ok
21:13:23.0929 3584 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:13:23.0929 3584 isapnp - ok
21:13:23.0929 3584 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:13:23.0945 3584 iScsiPrt - ok
21:13:23.0945 3584 [ 79A55E8907F34AB569029505418C35EF ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
21:13:23.0961 3584 JRAID - ok
21:13:23.0961 3584 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:13:23.0961 3584 kbdclass - ok
21:13:23.0976 3584 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:13:23.0976 3584 kbdhid - ok
21:13:23.0976 3584 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:13:23.0992 3584 KeyIso - ok
21:13:23.0992 3584 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:13:23.0992 3584 KSecDD - ok
21:13:24.0007 3584 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:13:24.0007 3584 KSecPkg - ok
21:13:24.0007 3584 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:13:24.0039 3584 ksthunk - ok
21:13:24.0039 3584 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:13:24.0070 3584 KtmRm - ok
21:13:24.0070 3584 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:13:24.0101 3584 LanmanServer - ok
21:13:24.0101 3584 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:13:24.0117 3584 LanmanWorkstation - ok
21:13:24.0132 3584 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:13:24.0148 3584 lltdio - ok
21:13:24.0148 3584 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:13:24.0179 3584 lltdsvc - ok
21:13:24.0179 3584 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:13:24.0210 3584 lmhosts - ok
21:13:24.0210 3584 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:13:24.0210 3584 LSI_FC - ok
21:13:24.0226 3584 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:13:24.0226 3584 LSI_SAS - ok
21:13:24.0226 3584 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:13:24.0241 3584 LSI_SAS2 - ok
21:13:24.0241 3584 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:13:24.0257 3584 LSI_SCSI - ok
21:13:24.0257 3584 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:13:24.0273 3584 luafv - ok
21:13:24.0288 3584 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:13:24.0288 3584 MBAMProtector - ok
21:13:24.0288 3584 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:13:24.0304 3584 MBAMScheduler - ok
21:13:24.0304 3584 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:13:24.0319 3584 MBAMService - ok
21:13:24.0319 3584 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:13:24.0335 3584 Mcx2Svc - ok
21:13:24.0335 3584 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:13:24.0351 3584 megasas - ok
21:13:24.0351 3584 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:13:24.0366 3584 MegaSR - ok
21:13:24.0366 3584 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:13:24.0382 3584 MMCSS - ok
21:13:24.0397 3584 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:13:24.0413 3584 Modem - ok
21:13:24.0413 3584 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:13:24.0429 3584 monitor - ok
21:13:24.0429 3584 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:13:24.0429 3584 mouclass - ok
21:13:24.0444 3584 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:13:24.0444 3584 mouhid - ok
21:13:24.0444 3584 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:13:24.0460 3584 mountmgr - ok
21:13:24.0460 3584 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:13:24.0475 3584 MozillaMaintenance - ok
21:13:24.0475 3584 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:13:24.0475 3584 mpio - ok
21:13:24.0491 3584 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:13:24.0507 3584 mpsdrv - ok
21:13:24.0522 3584 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:13:24.0553 3584 MpsSvc - ok
21:13:24.0553 3584 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:13:24.0569 3584 MRxDAV - ok
21:13:24.0569 3584 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:13:24.0585 3584 mrxsmb - ok
21:13:24.0585 3584 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:13:24.0585 3584 mrxsmb10 - ok
21:13:24.0600 3584 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:13:24.0600 3584 mrxsmb20 - ok
21:13:24.0600 3584 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:13:24.0616 3584 msahci - ok
21:13:24.0616 3584 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:13:24.0631 3584 msdsm - ok
21:13:24.0631 3584 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:13:24.0631 3584 MSDTC - ok
21:13:24.0647 3584 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:13:24.0663 3584 Msfs - ok
21:13:24.0663 3584 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:13:24.0694 3584 mshidkmdf - ok
21:13:24.0694 3584 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:13:24.0694 3584 msisadrv - ok
21:13:24.0709 3584 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:13:24.0725 3584 MSiSCSI - ok
21:13:24.0725 3584 msiserver - ok
21:13:24.0741 3584 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:13:24.0756 3584 MSKSSRV - ok
21:13:24.0756 3584 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:13:24.0787 3584 MSPCLOCK - ok
21:13:24.0787 3584 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:13:24.0803 3584 MSPQM - ok
21:13:24.0819 3584 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:13:24.0819 3584 MsRPC - ok
21:13:24.0834 3584 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:13:24.0834 3584 mssmbios - ok
21:13:24.0834 3584 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:13:24.0865 3584 MSTEE - ok
21:13:24.0865 3584 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:13:24.0865 3584 MTConfig - ok
21:13:24.0865 3584 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:13:24.0881 3584 Mup - ok
21:13:24.0881 3584 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:13:24.0912 3584 napagent - ok
21:13:24.0912 3584 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:13:24.0928 3584 NativeWifiP - ok
21:13:24.0943 3584 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:13:24.0959 3584 NDIS - ok
21:13:24.0959 3584 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:13:24.0975 3584 NdisCap - ok
21:13:24.0990 3584 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:13:25.0006 3584 NdisTapi - ok
21:13:25.0006 3584 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:13:25.0037 3584 Ndisuio - ok
21:13:25.0037 3584 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:13:25.0053 3584 NdisWan - ok
21:13:25.0068 3584 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:13:25.0084 3584 NDProxy - ok
21:13:25.0084 3584 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:13:25.0099 3584 NetBIOS - ok
21:13:25.0115 3584 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:13:25.0131 3584 NetBT - ok
21:13:25.0131 3584 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:13:25.0146 3584 Netlogon - ok
21:13:25.0146 3584 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:13:25.0177 3584 Netman - ok
21:13:25.0177 3584 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:25.0193 3584 NetMsmqActivator - ok
21:13:25.0193 3584 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:25.0193 3584 NetPipeActivator - ok
21:13:25.0209 3584 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:13:25.0224 3584 netprofm - ok
21:13:25.0224 3584 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:25.0240 3584 NetTcpActivator - ok
21:13:25.0240 3584 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:25.0255 3584 NetTcpPortSharing - ok
21:13:25.0255 3584 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:13:25.0255 3584 nfrd960 - ok
21:13:25.0271 3584 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:13:25.0287 3584 NlaSvc - ok
21:13:25.0302 3584 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
21:13:25.0318 3584 nlsX86cc - ok
21:13:25.0318 3584 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
21:13:25.0333 3584 nmwcd - ok
21:13:25.0333 3584 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:13:25.0365 3584 Npfs - ok
21:13:25.0365 3584 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:13:25.0380 3584 nsi - ok
21:13:25.0380 3584 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:13:25.0411 3584 nsiproxy - ok
21:13:25.0427 3584 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:13:25.0458 3584 Ntfs - ok
21:13:25.0458 3584 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:13:25.0474 3584 Null - ok
21:13:25.0489 3584 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:13:25.0489 3584 nvraid - ok
21:13:25.0489 3584 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:13:25.0505 3584 nvstor - ok
21:13:25.0505 3584 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:13:25.0521 3584 nv_agp - ok
21:13:25.0521 3584 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:13:25.0521 3584 ohci1394 - ok
21:13:25.0536 3584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:13:25.0536 3584 p2pimsvc - ok
21:13:25.0552 3584 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:13:25.0567 3584 p2psvc - ok
21:13:25.0567 3584 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:13:25.0567 3584 Parport - ok
21:13:25.0583 3584 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:13:25.0583 3584 partmgr - ok
21:13:25.0583 3584 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:13:25.0599 3584 PcaSvc - ok
21:13:25.0599 3584 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
21:13:25.0614 3584 pccsmcfd - ok
21:13:25.0614 3584 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:13:25.0630 3584 pci - ok
21:13:25.0630 3584 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:13:25.0630 3584 pciide - ok
21:13:25.0630 3584 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:13:25.0645 3584 pcmcia - ok
21:13:25.0645 3584 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:13:25.0661 3584 pcw - ok
21:13:25.0661 3584 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:13:25.0692 3584 PEAUTH - ok
21:13:25.0708 3584 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:13:25.0723 3584 PeerDistSvc - ok
21:13:25.0723 3584 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:13:25.0739 3584 PerfHost - ok
21:13:25.0755 3584 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:13:25.0786 3584 pla - ok
21:13:25.0786 3584 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:13:25.0801 3584 PlugPlay - ok
21:13:25.0817 3584 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:13:25.0817 3584 PNRPAutoReg - ok
21:13:25.0817 3584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:13:25.0833 3584 PNRPsvc - ok
21:13:25.0833 3584 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:13:25.0864 3584 PolicyAgent - ok
21:13:25.0864 3584 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:13:25.0895 3584 Power - ok
21:13:25.0895 3584 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:13:25.0926 3584 PptpMiniport - ok
21:13:25.0926 3584 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:13:25.0926 3584 Processor - ok
21:13:25.0942 3584 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:13:25.0942 3584 ProfSvc - ok
21:13:25.0942 3584 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:13:25.0957 3584 ProtectedStorage - ok
21:13:25.0957 3584 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:13:25.0989 3584 Psched - ok
21:13:26.0004 3584 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:13:26.0020 3584 ql2300 - ok
21:13:26.0020 3584 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:13:26.0035 3584 ql40xx - ok
21:13:26.0035 3584 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:13:26.0051 3584 QWAVE - ok
21:13:26.0051 3584 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:13:26.0067 3584 QWAVEdrv - ok
21:13:26.0067 3584 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:13:26.0082 3584 RasAcd - ok
21:13:26.0098 3584 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:13:26.0113 3584 RasAgileVpn - ok
21:13:26.0113 3584 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:13:26.0145 3584 RasAuto - ok
21:13:26.0145 3584 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:13:26.0160 3584 Rasl2tp - ok
21:13:26.0176 3584 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:13:26.0191 3584 RasMan - ok
21:13:26.0191 3584 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:13:26.0223 3584 RasPppoe - ok
21:13:26.0223 3584 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:13:26.0254 3584 RasSstp - ok
21:13:26.0254 3584 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:13:26.0269 3584 rdbss - ok
21:13:26.0285 3584 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:13:26.0285 3584 rdpbus - ok
21:13:26.0285 3584 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:13:26.0316 3584 RDPCDD - ok
21:13:26.0316 3584 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:13:26.0332 3584 RDPDR - ok
21:13:26.0332 3584 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:13:26.0347 3584 RDPENCDD - ok
21:13:26.0363 3584 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:13:26.0379 3584 RDPREFMP - ok
21:13:26.0379 3584 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:13:26.0394 3584 RDPWD - ok
21:13:26.0394 3584 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:13:26.0410 3584 rdyboost - ok
21:13:26.0410 3584 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:13:26.0425 3584 RemoteAccess - ok
21:13:26.0441 3584 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:13:26.0457 3584 RemoteRegistry - ok
21:13:26.0457 3584 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:13:26.0488 3584 RpcEptMapper - ok
21:13:26.0488 3584 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:13:26.0503 3584 RpcLocator - ok
21:13:26.0503 3584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:13:26.0535 3584 RpcSs - ok
21:13:26.0535 3584 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
21:13:26.0535 3584 RRNetCap - ok
21:13:26.0535 3584 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
21:13:26.0550 3584 RRNetCapMP - ok
21:13:26.0550 3584 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:13:26.0566 3584 rspndr - ok
21:13:26.0581 3584 [ 52959C47105E18B4377F77A821D945CE ] rsvcdwdr C:\Windows\system32\DRIVERS\rsvcdwdr.sys
21:13:26.0581 3584 rsvcdwdr - ok
21:13:26.0581 3584 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:13:26.0597 3584 RTL8167 - ok
21:13:26.0597 3584 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:13:26.0613 3584 s3cap - ok
21:13:26.0613 3584 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:13:26.0613 3584 SamSs - ok
21:13:26.0628 3584 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys
21:13:26.0628 3584 SANDRA - ok
21:13:26.0628 3584 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:13:26.0644 3584 sbp2port - ok
21:13:26.0644 3584 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:13:26.0675 3584 SCardSvr - ok
21:13:26.0675 3584 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:13:26.0691 3584 scfilter - ok
21:13:26.0706 3584 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:13:26.0737 3584 Schedule - ok
21:13:26.0737 3584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:13:26.0753 3584 SCPolicySvc - ok
21:13:26.0769 3584 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:13:26.0769 3584 SDRSVC - ok
21:13:26.0784 3584 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:13:26.0800 3584 secdrv - ok
21:13:26.0800 3584 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:13:26.0815 3584 seclogon - ok
21:13:26.0831 3584 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:13:26.0847 3584 SENS - ok
21:13:26.0847 3584 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:13:26.0862 3584 SensrSvc - ok
21:13:26.0862 3584 [ B45B49C37B7FAF3B60E3DD30D7B6FAF3 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
21:13:26.0878 3584 Ser2pl - ok
21:13:26.0878 3584 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:13:26.0878 3584 Serenum - ok
21:13:26.0878 3584 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:13:26.0893 3584 Serial - ok
21:13:26.0893 3584 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:13:26.0909 3584 sermouse - ok
21:13:26.0909 3584 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
21:13:26.0925 3584 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
21:13:26.0925 3584 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
21:13:26.0925 3584 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:13:26.0956 3584 SessionEnv - ok
21:13:26.0956 3584 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:13:26.0971 3584 sffdisk - ok
21:13:26.0971 3584 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:13:26.0971 3584 sffp_mmc - ok
21:13:26.0971 3584 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:13:26.0987 3584 sffp_sd - ok
21:13:26.0987 3584 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:13:27.0003 3584 sfloppy - ok
21:13:27.0003 3584 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:13:27.0034 3584 SharedAccess - ok
21:13:27.0034 3584 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:13:27.0049 3584 ShellHWDetection - ok
21:13:27.0065 3584 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:13:27.0065 3584 SiSRaid2 - ok
21:13:27.0065 3584 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:13:27.0081 3584 SiSRaid4 - ok
21:13:27.0081 3584 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:13:27.0112 3584 Smb - ok
21:13:27.0112 3584 [ BBFB94699C8C265A6AF5FD51BDE26DFC ] snapman C:\Windows\system32\DRIVERS\snapman.sys
21:13:27.0127 3584 snapman - ok
21:13:27.0127 3584 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:13:27.0127 3584 SNMPTRAP - ok
21:13:27.0143 3584 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:13:27.0143 3584 spldr - ok
21:13:27.0143 3584 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
21:13:27.0174 3584 Spooler - ok
21:13:27.0205 3584 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:13:27.0252 3584 sppsvc - ok
21:13:27.0268 3584 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:13:27.0283 3584 sppuinotify - ok
21:13:27.0299 3584 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:13:27.0299 3584 srv - ok
21:13:27.0315 3584 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:13:27.0315 3584 srv2 - ok
21:13:27.0330 3584 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:13:27.0330 3584 srvnet - ok
21:13:27.0346 3584 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:13:27.0361 3584 SSDPSRV - ok
21:13:27.0361 3584 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:13:27.0393 3584 SstpSvc - ok
21:13:27.0393 3584 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:13:27.0393 3584 stexstor - ok
21:13:27.0408 3584 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:13:27.0424 3584 stisvc - ok
21:13:27.0424 3584 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:13:27.0439 3584 storflt - ok
21:13:27.0439 3584 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
21:13:27.0439 3584 StorSvc - ok
21:13:27.0455 3584 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:13:27.0455 3584 storvsc - ok
21:13:27.0455 3584 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:13:27.0471 3584 swenum - ok
21:13:27.0471 3584 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:13:27.0486 3584 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
21:13:27.0486 3584 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
21:13:27.0486 3584 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:13:27.0517 3584 swprv - ok
21:13:27.0564 3584 [ 6ECA1DCBE9A944239E3F01E0ADE6440A ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
21:13:27.0642 3584 syncagentsrv - ok
21:13:27.0658 3584 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:13:27.0689 3584 SysMain - ok
21:13:27.0689 3584 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:13:27.0705 3584 TabletInputService - ok
21:13:27.0705 3584 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:13:27.0736 3584 TapiSrv - ok
21:13:27.0736 3584 [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
21:13:27.0736 3584 tbhsd - ok
21:13:27.0736 3584 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:13:27.0767 3584 TBS - ok
21:13:27.0783 3584 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:13:27.0798 3584 Tcpip - ok
21:13:27.0814 3584 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:13:27.0845 3584 TCPIP6 - ok
21:13:27.0845 3584 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:13:27.0876 3584 tcpipreg - ok
21:13:27.0876 3584 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:13:27.0876 3584 TDPIPE - ok
21:13:27.0892 3584 [ 9C1A823D4E729C965167B6E71E984296 ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys
21:13:27.0907 3584 tdrpman - ok
21:13:27.0923 3584 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:13:27.0923 3584 TDTCP - ok
21:13:27.0923 3584 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:13:27.0954 3584 tdx - ok
21:13:27.0954 3584 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:13:27.0954 3584 TermDD - ok
21:13:27.0970 3584 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:13:28.0001 3584 TermService - ok
21:13:28.0001 3584 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:13:28.0017 3584 Themes - ok
21:13:28.0017 3584 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:13:28.0032 3584 THREADORDER - ok
21:13:28.0048 3584 [ 990447334615A0DB84F620E1426DCFE0 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
21:13:28.0079 3584 timounter - ok
21:13:28.0079 3584 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:13:28.0110 3584 TrkWks - ok
21:13:28.0110 3584 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:13:28.0141 3584 TrustedInstaller - ok
21:13:28.0141 3584 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:13:28.0157 3584 tssecsrv - ok
21:13:28.0157 3584 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:13:28.0173 3584 TsUsbFlt - ok
21:13:28.0188 3584 [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
21:13:28.0235 3584 TuneUp.UtilitiesSvc - ok
21:13:28.0235 3584 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
21:13:28.0235 3584 TuneUpUtilitiesDrv - ok
21:13:28.0251 3584 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:13:28.0266 3584 tunnel - ok
21:13:28.0266 3584 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:13:28.0282 3584 uagp35 - ok
21:13:28.0282 3584 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:13:28.0313 3584 udfs - ok
21:13:28.0313 3584 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:13:28.0329 3584 UI0Detect - ok
21:13:28.0329 3584 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:13:28.0329 3584 uliagpkx - ok
21:13:28.0329 3584 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:13:28.0344 3584 umbus - ok
21:13:28.0344 3584 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:13:28.0360 3584 UmPass - ok
21:13:28.0360 3584 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
21:13:28.0375 3584 UmRdpService - ok
21:13:28.0375 3584 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:13:28.0407 3584 upnphost - ok
21:13:28.0407 3584 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:13:28.0422 3584 usbaudio - ok
21:13:28.0422 3584 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:13:28.0422 3584 usbccgp - ok
21:13:28.0438 3584 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:13:28.0438 3584 usbcir - ok
21:13:28.0438 3584 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:13:28.0453 3584 usbehci - ok
21:13:28.0453 3584 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
21:13:28.0453 3584 usbfilter - ok
21:13:28.0469 3584 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:13:28.0469 3584 usbhub - ok
21:13:28.0485 3584 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:13:28.0485 3584 usbohci - ok
21:13:28.0485 3584 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:13:28.0500 3584 usbprint - ok
21:13:28.0500 3584 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:13:28.0516 3584 usbscan - ok
21:13:28.0516 3584 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:13:28.0516 3584 USBSTOR - ok
21:13:28.0531 3584 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:13:28.0531 3584 usbuhci - ok
21:13:28.0531 3584 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:13:28.0563 3584 UxSms - ok
21:13:28.0563 3584 [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp C:\Windows\System32\uxtuneup.dll
21:13:28.0563 3584 UxTuneUp - ok
21:13:28.0563 3584 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:13:28.0578 3584 VaultSvc - ok
21:13:28.0578 3584 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:13:28.0578 3584 vdrvroot - ok
21:13:28.0594 3584 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:13:28.0625 3584 vds - ok
21:13:28.0625 3584 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:13:28.0625 3584 vga - ok
21:13:28.0641 3584 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:13:28.0656 3584 VgaSave - ok
21:13:28.0656 3584 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:13:28.0672 3584 vhdmp - ok
21:13:28.0672 3584 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:13:28.0672 3584 viaide - ok
21:13:28.0687 3584 [ EE12FAFFDD1FB13BE0D6EF67CB0D1617 ] vididr C:\Windows\system32\DRIVERS\vididr.sys
21:13:28.0687 3584 vididr - ok
21:13:28.0703 3584 [ 2DFD1EB9DE564460003DE1605A275E8D ] vidsflt61 C:\Windows\system32\DRIVERS\vsflt61.sys
21:13:28.0703 3584 vidsflt61 - ok
21:13:28.0703 3584 [ AE67D8610B143162E8B1C969EE41D39D ] Virtual CDAudio Service C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe
21:13:28.0719 3584 Virtual CDAudio Service - ok
21:13:28.0719 3584 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:13:28.0734 3584 vmbus - ok
21:13:28.0734 3584 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:13:28.0734 3584 VMBusHID - ok
21:13:28.0734 3584 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:13:28.0750 3584 volmgr - ok
21:13:28.0750 3584 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:13:28.0765 3584 volmgrx - ok
21:13:28.0765 3584 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:13:28.0781 3584 volsnap - ok
21:13:28.0781 3584 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:13:28.0797 3584 vsmraid - ok
21:13:28.0812 3584 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:13:28.0843 3584 VSS - ok
21:13:28.0843 3584 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:13:28.0859 3584 vwifibus - ok
21:13:28.0859 3584 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:13:28.0890 3584 W32Time - ok
21:13:28.0890 3584 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:13:28.0906 3584 WacomPen - ok
21:13:28.0906 3584 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:13:28.0921 3584 WANARP - ok
21:13:28.0937 3584 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:13:28.0953 3584 Wanarpv6 - ok
21:13:28.0968 3584 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:13:28.0984 3584 wbengine - ok
21:13:28.0999 3584 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:13:28.0999 3584 WbioSrvc - ok
21:13:29.0015 3584 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:13:29.0031 3584 wcncsvc - ok
21:13:29.0031 3584 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:13:29.0031 3584 WcsPlugInService - ok
21:13:29.0046 3584 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:13:29.0046 3584 Wd - ok
21:13:29.0062 3584 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:13:29.0077 3584 Wdf01000 - ok
21:13:29.0077 3584 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:13:29.0093 3584 WdiServiceHost - ok
21:13:29.0109 3584 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:13:29.0109 3584 WdiSystemHost - ok
21:13:29.0124 3584 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:13:29.0124 3584 WebClient - ok
21:13:29.0140 3584 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:13:29.0171 3584 Wecsvc - ok
21:13:29.0171 3584 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:13:29.0187 3584 wercplsupport - ok
21:13:29.0187 3584 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:13:29.0218 3584 WerSvc - ok
21:13:29.0218 3584 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:13:29.0233 3584 WfpLwf - ok
21:13:29.0249 3584 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:13:29.0249 3584 WIMMount - ok
21:13:29.0249 3584 WinDefend - ok
21:13:29.0265 3584 WinHttpAutoProxySvc - ok
21:13:29.0265 3584 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:13:29.0296 3584 Winmgmt - ok
21:13:29.0311 3584 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:13:29.0343 3584 WinRM - ok
21:13:29.0358 3584 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:13:29.0358 3584 WinUsb - ok
21:13:29.0374 3584 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:13:29.0389 3584 Wlansvc - ok
21:13:29.0389 3584 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:13:29.0405 3584 WmiAcpi - ok
21:13:29.0405 3584 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:13:29.0421 3584 wmiApSrv - ok
21:13:29.0421 3584 WMPNetworkSvc - ok
21:13:29.0421 3584 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:13:29.0436 3584 WPCSvc - ok
21:13:29.0436 3584 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:13:29.0452 3584 WPDBusEnum - ok
21:13:29.0452 3584 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:13:29.0467 3584 ws2ifsl - ok
21:13:29.0467 3584 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:13:29.0483 3584 wscsvc - ok
21:13:29.0483 3584 WSearch - ok
21:13:29.0514 3584 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:13:29.0545 3584 wuauserv - ok
21:13:29.0545 3584 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:13:29.0561 3584 WudfPf - ok
21:13:29.0577 3584 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:13:29.0592 3584 WUDFRd - ok
21:13:29.0592 3584 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:13:29.0623 3584 wudfsvc - ok
21:13:29.0623 3584 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:13:29.0639 3584 WwanSvc - ok
21:13:29.0639 3584 ================ Scan global ===============================
21:13:29.0639 3584 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:13:29.0655 3584 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:13:29.0655 3584 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:13:29.0655 3584 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:13:29.0655 3584 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:13:29.0670 3584 [Global] - ok
21:13:29.0670 3584 ================ Scan MBR ==================================
21:13:29.0670 3584 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:13:29.0733 3584 \Device\Harddisk0\DR0 - ok
21:13:29.0733 3584 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:13:29.0779 3584 \Device\Harddisk1\DR1 - ok
21:13:29.0795 3584 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:13:29.0904 3584 \Device\Harddisk2\DR2 - ok
21:13:29.0904 3584 ================ Scan VBR ==================================
21:13:29.0904 3584 [ 5FE86135674B6DF27CFBC3505090D425 ] \Device\Harddisk0\DR0\Partition1
21:13:29.0920 3584 \Device\Harddisk0\DR0\Partition1 - ok
21:13:29.0920 3584 [ 96D8538C594C049E678359DB0A726BC8 ] \Device\Harddisk0\DR0\Partition2
21:13:29.0920 3584 \Device\Harddisk0\DR0\Partition2 - ok
21:13:29.0935 3584 [ 187A982CD3E228D6484537D0E587073F ] \Device\Harddisk1\DR1\Partition1
21:13:29.0935 3584 \Device\Harddisk1\DR1\Partition1 - ok
21:13:29.0935 3584 [ E378C31BCF769DC3A1D21CDC43D008E5 ] \Device\Harddisk2\DR2\Partition1
21:13:29.0951 3584 \Device\Harddisk2\DR2\Partition1 - ok
21:13:29.0951 3584 ============================================================
21:13:29.0951 3584 Scan finished
21:13:29.0951 3584 ============================================================
21:13:29.0951 4616 Detected object count: 2
21:13:29.0951 4616 Actual detected object count: 2
21:14:55.0799 4616 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
21:14:55.0799 4616 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:14:55.0799 4616 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
21:14:55.0799 4616 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
20.09.2012, 11:27
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.09.2012, 15:02
| #21 |
| | 'JS/RunForest.B' eingefangen Hallo! Firewall und Antivir habe ich abgestellt auch Acronis und Copernic Desctop search Hoffe mal,das war ausreichend. Code:
ATTFilter ComboFix 12-09-20.01 - user 20.09.2012 15:45:33.1.6 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8154.6435 [GMT 2:00]
ausgeführt von:: c:\users\user\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-20 bis 2012-09-20 ))))))))))))))))))))))))))))))
.
.
2012-09-20 13:48 . 2012-09-20 13:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-19 13:23 . 2012-09-19 13:23 -------- d-----w- c:\program files\CDBurnerXP
2012-09-18 21:59 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A72ACB50-0FC9-4F64-893E-FFC40A1E3DB7}\mpengine.dll
2012-09-16 18:02 . 2012-09-16 18:02 -------- d-----w- c:\users\user\AppData\Roaming\Canneverbe Limited
2012-09-16 18:02 . 2012-09-16 18:02 -------- d-----w- c:\programdata\Canneverbe Limited
2012-08-27 17:21 . 2012-08-27 17:21 -------- d-----w- c:\program files (x86)\ESET
2012-08-24 11:20 . 2012-09-17 15:27 -------- d-----w- c:\users\user\AppData\Roaming\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-12 12:28 . 2011-09-21 10:05 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-07 15:04 . 2012-08-06 10:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-16 16:50 . 2012-04-03 13:27 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-16 16:50 . 2011-09-21 11:55 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712]
"AVMUSBFernanschluss"="c:\users\user\AppData\Local\Apps\2.0\BGOLNQ84.ECQ\KEXOTY7Z.9ZQ\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [2011-09-23 147456]
"Copernic Desktop Search - Home"="c:\program files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" [2012-07-23 1651200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-12-16 5992064]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 250056]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-12 114144]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2011-12-20 37480]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2011-12-16 5891048]
R4 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe [2010-11-16 178552]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [2010-11-08 14464]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-21 133728]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2012-02-21 211040]
S0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\DRIVERS\vsflt61.sys [2012-02-21 142944]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-02-21 3483600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2012-01-31 66560]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-02-21 367200]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2011-09-23 116096]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2011-12-20 37480]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [2010-11-16 41576]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 16:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-08-20 403616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\bk7znfkr.default\
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-20 15:50:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-09-20 13:50
.
Vor Suchlauf: 9 Verzeichnis(se), 74.276.319.232 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 73.800.712.192 Bytes frei
.
- - End Of File - - 5AE056A9C67F545E5EB446E42B48F181
|
|
20.09.2012, 19:49
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.09.2012, 21:00
| #23 |
| | 'JS/RunForest.B' eingefangen Hallo! mit GMER gab es Probleme. Wenn ich es ausführen wollte,gab es die Nachricht die Datei könne nicht gefunden werden!??? Hier also die Logs von Osam und asw.... OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:30:33 on 20.09.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Acronis Storage Filter Management" (fltsrv) - "Acronis" - C:\Windows\System32\DRIVERS\fltsrv.sys "afcdp" (afcdp) - "Acronis" - C:\Windows\System32\DRIVERS\afcdp.sys "AODDriver4.01" (AODDriver4.01) - "Advanced Micro Devices" - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys "AODDriver4.1" (AODDriver4.1) - "Advanced Micro Devices" - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys "AsIO" (AsIO) - ? - C:\Windows\SysWow64\drivers\AsIO.sys (File found, but it contains no detailed information) "AsUpIO" (AsUpIO) - ? - C:\Windows\SysWow64\drivers\AsUpIO.sys (File found, but it contains no detailed information) "ASUS Charger Plus Driver" (AiChargerPlus) - "ASUSTek Computer Inc." - C:\Windows\System32\DRIVERS\AiChargerPlus.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "RRNetCap Service" (RRNetCap) - "RapidSolution Software AG" - C:\Windows\System32\DRIVERS\rrnetcap.sys "RRNetCapMP" (RRNetCapMP) - "RapidSolution Software AG" - C:\Windows\System32\DRIVERS\rrnetcap.sys "SANDRA" (SANDRA) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys "TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} "PixiePack Codec Pack 1.1.1200.0" - ? - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Program Files (x86)\Audible\Bin\AudibleExt.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll {C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis Secure Zone" - "Acronis" - C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll {C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll {16148659-720A-457d-850B-2DBD87BB129D} "AudibleShlExt Class" - "Audible, Inc." - C:\Program Files (x86)\Audible\Bin\AudibleExt.dll {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\DseShExt-x86.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\SDShelEx-win32.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_33.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OpenOffice.org 3.3.lnk" - ? - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "AVMUSBFernanschluss" - "AVM Berlin" - "C:\Users\user\AppData\Local\Apps\2.0\98AZBA2V.TBK\61V2N0YY.268\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" "Copernic Desktop Search - Home" - "Copernic Inc." - "C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray "NokiaOviSuite2" - "Nokia" - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "AdobeCS5.5ServiceManager" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin "AdobeCS6ServiceManager" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin "ASUS AiChargerPlus Execute" - "ASUSTek Computer Inc." - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "JMB36X IDE Setup" - ? - C:\Windows\RaidTool\xInsIDE.exe (File found, but it contains no detailed information) "NokiaMServer" - "Nokia" - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SwitchBoard" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe "TrueImageMonitor.exe" - "Acronis" - "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll "Acronis Nonstop Backup-Dienst" (afcdpsrv) - "Acronis" - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "AMD FUEL Service" (AMD FUEL Service) - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe "ASUS Com Service" (asComSvc) - ? - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe (File found, but it contains no detailed information) "ASUS HM Com Service" (asHmComSvc) - ? - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe (File found, but it contains no detailed information) "ASUS System Control Service" (AsSysCtrlService) - ? - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (File found, but it contains no detailed information) "Avira Realtime Protection" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Scheduler" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Nalpeiron Licensing Service" (nlsX86cc) - "Nalpeiron Ltd." - C:\Windows\SysWOW64\nlssrv32.exe "SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe "TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/CODE] Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-20 21:42:29
-----------------------------
21:42:29.657 OS Version: Windows x64 6.1.7601 Service Pack 1
21:42:29.657 Number of processors: 6 586 0xA00
21:42:29.657 ComputerName: USER-PC UserName: user
21:42:29.844 Initialize success
21:43:40.387 AVAST engine defs: 12092000
21:44:03.507 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000075
21:44:03.522 Disk 0 Vendor: Corsair_ 1.3_ Size: 114473MB BusType: 11
21:44:03.522 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000076
21:44:03.538 Disk 1 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 11
21:44:03.538 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000077
21:44:03.553 Disk 2 Vendor: ST2000DL CC32 Size: 1907729MB BusType: 11
21:44:03.553 Disk 0 MBR read successfully
21:44:03.569 Disk 0 MBR scan
21:44:03.569 Disk 0 Windows 7 default MBR code
21:44:03.569 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:44:03.569 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
21:44:03.585 Disk 0 scanning C:\Windows\system32\drivers
21:44:06.096 Service scanning
21:44:12.523 Modules scanning
21:44:12.539 Disk 0 trace - called modules:
21:44:12.555 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys vsflt61.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
21:44:12.570 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d65060]
21:44:12.570 3 CLASSPNP.SYS[fffff88001b4a43f] -> nt!IofCallDriver -> [0xfffffa8007c63aa0]
21:44:12.586 5 vsflt61.sys[fffff88000f8a0fd] -> nt!IofCallDriver -> [0xfffffa8006e31ac0]
21:44:12.586 7 amd_xata.sys[fffff880011888f7] -> nt!IofCallDriver -> \Device\00000075[0xfffffa8006e273d0]
21:44:12.757 AVAST engine scan C:\Windows
21:44:13.491 AVAST engine scan C:\Windows\system32
21:45:14.393 AVAST engine scan C:\Windows\system32\drivers
21:45:17.419 AVAST engine scan C:\Users\user
21:45:30.414 AVAST engine scan C:\ProgramData
21:45:40.695 Scan finished successfully
21:46:06.840 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
21:46:06.856 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-20 21:48:30
-----------------------------
21:48:30.766 OS Version: Windows x64 6.1.7601 Service Pack 1
21:48:30.766 Number of processors: 6 586 0xA00
21:48:30.766 ComputerName: USER-PC UserName: user
21:48:31.047 Initialize success
21:48:37.069 AVAST engine defs: 12092000
21:48:42.373 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000075
21:48:42.373 Disk 0 Vendor: Corsair_ 1.3_ Size: 114473MB BusType: 11
21:48:42.388 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000076
21:48:42.388 Disk 1 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 11
21:48:42.388 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000077
21:48:42.388 Disk 2 Vendor: ST2000DL CC32 Size: 1907729MB BusType: 11
21:48:42.419 Disk 0 MBR read successfully
21:48:42.419 Disk 0 MBR scan
21:48:42.419 Disk 0 Windows 7 default MBR code
21:48:42.435 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:48:42.435 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
21:48:42.466 Disk 0 scanning C:\Windows\system32\drivers
21:48:48.223 Service scanning
21:48:54.697 Modules scanning
21:48:54.712 Disk 0 trace - called modules:
21:48:54.728 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys vsflt61.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
21:48:54.743 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d65060]
21:48:54.743 3 CLASSPNP.SYS[fffff88001b4a43f] -> nt!IofCallDriver -> [0xfffffa8007c63aa0]
21:48:54.759 5 vsflt61.sys[fffff88000f8a0fd] -> nt!IofCallDriver -> [0xfffffa8006e31ac0]
21:48:54.759 7 amd_xata.sys[fffff880011888f7] -> nt!IofCallDriver -> \Device\00000075[0xfffffa8006e273d0]
21:48:55.055 AVAST engine scan C:\Windows
21:48:57.115 AVAST engine scan C:\Windows\system32
21:50:21.542 AVAST engine scan C:\Windows\system32\drivers
21:50:24.834 AVAST engine scan C:\Users\user
21:50:34.802 AVAST engine scan C:\ProgramData
21:50:45.784 Scan finished successfully
21:51:22.523 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
21:51:22.523 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"
|
|
21.09.2012, 12:58
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Ist schon ok mit GMER, das läuft nicht immer Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.09.2012, 16:14
| #25 |
| | 'JS/RunForest.B' eingefangen O.k. hier erst mal Malwarebite: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.21.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 user :: USER-PC [Administrator] 21.09.2012 16:17:17 mbam-log-2012-09-21 (16-17-17).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 416359 Laufzeit: 21 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/21/2012 at 06:34 PM
Application Version : 5.5.1016
Core Rules Database Version : 9267
Trace Rules Database Version: 7079
Scan type : Complete Scan
Total Scan Time : 01:08:15
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 780
Memory threats detected : 0
Registry items scanned : 65572
Registry threats detected : 0
File items scanned : 186512
File threats detected : 354
Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\IYLKR8UJ.txt [ /fastclick.net ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\D3G0PR2Y.txt [ /ad.adc-serv.net ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\PD4VMKUC.txt [ /apmebf.com ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\1U7XUDJC.txt [ /www.usenext.de ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\F9WD5KE2.txt [ /atdmt.com ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\R3T21WXJ.txt [ /forum.usenext.de ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\6780X56R.txt [ /usenext.de ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\92B5Y2YZ.txt [ /mediaplex.com ]
C:\USERS\USER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OSNK0G6O.txt [ Cookie:user@www.usenext.de/ ]
C:\USERS\USER\AppData\Roaming\Microsoft\Windows\Cookies\Low\NLVO15NM.txt [ Cookie:user@usenext.de/ ]
C:\USERS\USER\Cookies\IYLKR8UJ.txt [ Cookie:user@fastclick.net/ ]
C:\USERS\USER\Cookies\PD4VMKUC.txt [ Cookie:user@apmebf.com/ ]
C:\USERS\USER\Cookies\1U7XUDJC.txt [ Cookie:user@www.usenext.de/ ]
C:\USERS\USER\Cookies\F9WD5KE2.txt [ Cookie:user@atdmt.com/ ]
C:\USERS\USER\Cookies\R3T21WXJ.txt [ Cookie:user@forum.usenext.de/ ]
C:\USERS\USER\Cookies\6780X56R.txt [ Cookie:user@usenext.de/ ]
.amazon-adsystem.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
advertising.superweb.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.fotoalben-discount.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.fotoalben-discount.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.discountdruck.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.discountdruck.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.farheap.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.cewecolor.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
emediate.apmmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.wlw.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.blogs.ulrich-media.ch [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.blogs.ulrich-media.ch [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.americanexpress.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adserver.lowcostdomains.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
counter.hitslink.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.blau.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjl4sidpaco.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdl4skajwco.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.zalando.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
s2.trafficmaxx.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjk4gkcjabp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdmyaocjcaq.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adserver.gb4.motorpresse.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.sportdiscount.biz [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.sportdiscount.biz [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adserver.yopi.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adserver.yopi.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelicgdpefp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
delivery.atkmedia.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.campz.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adserv.chirurgie-portal.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whlyuic5wgo.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adserver.adreactor.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
aka-cdn-ns.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
servestats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.libri.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.horyzon-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.horyzon-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.horyzon-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
teufel-media.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.mediaevent.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.mediaevent.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
aimfar.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.weboramapublishertrackinguk2.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.weboramapublishertrackinguk2.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.www.usenext.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adx2.chip.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BK7ZNFKR.DEFAULT\COOKIES.SQLITE ]
Das Programm habe ich aber noch nicht entfernt. Grüße..... |
|
21.09.2012, 20:57
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.09.2012, 21:44
| #27 |
| | 'JS/RunForest.B' eingefangen Also was immer noch nicht funktioniert ist das windows update. nachdem etwa 15% installiert sind fährt der PC einfach herunter. Also klappt es dann mit der Konfiguration natürlich auch nicht. Die Windows Problembehandlung hat daran nichts geändert. Das ist das eine. Das andere ist mehr eine Frage. Was mache ich mit den ganzen Programmen,die ich im Laufe dieses Prozesses hier installiert habe? Und:Sind die "Schädlinge" jetzt eigentlich gelöscht oder noch irgendwo in Quarantäne? Was ist mit diesem Defogger? ist ja vielleicht ganz ohne irgendeine Auswirkung,aber irgendwas haben "wir" da ja abgestellt.----siehe Anleitung für alle Hilfesuchenden-. kann ich da wieder auf -enable- klicken? Geändert von Finder7 (21.09.2012 um 21:52 Uhr) |
|
22.09.2012, 16:34
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Versuch mal die wichtigsten Windows-Updates als Paket von winfuture runterzuladen und installieren => WinFuture Windows 7 SP1 Update Pack 64-Bit 2.16 (Voll) Download - WinFuture.de
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.09.2012, 20:45
| #29 |
| | 'JS/RunForest.B' eingefangen Hab ich gemacht. Nur,vor diesem Befall konnte ich ganz normal Updates installieren,und jetzt geht es nicht mehr,auch nach diesem winfuture Paket nicht. Was ist mit meinen anderen Fragen? |
|
23.09.2012, 16:04
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 'JS/RunForest.B' eingefangen Erstmal sollten wir die Probleme mit dem Update beheben, dann werden die anderen Punkte geklärt! Probier mal das hier => Was ist das Systemupdate-Vorbereitungstool?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu 'JS/RunForest.B' eingefangen |
| abgebrochen, absender, adware/yontoo.e.1, anderen, angemeldet, anhang, antivir, appdata, avira, befallen, brauch, cache, eingefangen, file, firefox, gen, leute, link, mail, mozilla, nichts, programme, temp, trojaner, virus, wirklich |
Linear-Darstellung
