| |
| |||||||
Log-Analyse und Auswertung: PopUp rechts unten, Weiterleitung von LinksWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
03.09.2012, 18:35
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  PopUp rechts unten, Weiterleitung von Links Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadminx.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0447a4a0-565e-11e1-8859-88532e430566}\Shell - "" = AutoRun
O33 - MountPoints2\{0447a4a0-565e-11e1-8859-88532e430566}\Shell\AutoRun\command - "" = F:\autorun.exe
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.09.2012, 04:48
| #17 |
 | PopUp rechts unten, Weiterleitung von Links Hier das Log:
__________________Code:
ATTFilter All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0447a4a0-565e-11e1-8859-88532e430566}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0447a4a0-565e-11e1-8859-88532e430566}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0447a4a0-565e-11e1-8859-88532e430566}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0447a4a0-565e-11e1-8859-88532e430566}\ not found.
File F:\autorun.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\martinh\Desktop\cmd.bat deleted successfully.
C:\Users\martinh\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: GHV
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes
User: HHV_83
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: hirsch
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: martinh
->Temp folder emptied: 315079521 bytes
->Temporary Internet Files folder emptied: 91927848 bytes
->Java cache emptied: 1463 bytes
->FireFox cache emptied: 210732567 bytes
->Google Chrome cache emptied: 65381820 bytes
->Apple Safari cache emptied: 51093504 bytes
->Opera cache emptied: 50486233 bytes
->Flash cache emptied: 82199 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 852690570 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1.562,00 mb
[EMPTYFLASH]
User: All Users
User: Classic .NET AppPool
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Flash cache emptied: 0 bytes
User: GHV
->Flash cache emptied: 0 bytes
User: HHV_83
->Flash cache emptied: 0 bytes
User: hirsch
->Flash cache emptied: 0 bytes
User: martinh
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.59.1 log created on 09042012_053713
Files\Folders moved on Reboot...
C:\Users\martinh\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Auf jeden Fall jetzt schon mal vielen Dank. Wo finde ich den Link zur "Kaffeekasse" ? |
|
04.09.2012, 14:53
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PopUp rechts unten, Weiterleitung von Links Link zur
__________________ -Kasse siehe Signatur  Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
04.09.2012, 16:17
| #19 |
| | PopUp rechts unten, Weiterleitung von Links Hier nun der Report Code:
ATTFilter 17:11:32.0338 10320 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:11:32.0419 10320 ============================================================
17:11:32.0419 10320 Current date / time: 2012/09/04 17:11:32.0419
17:11:32.0419 10320 SystemInfo:
17:11:32.0419 10320
17:11:32.0419 10320 OS Version: 6.1.7601 ServicePack: 1.0
17:11:32.0419 10320 Product type: Workstation
17:11:32.0419 10320 ComputerName: MARTINH-NB
17:11:32.0419 10320 UserName: martinh
17:11:32.0419 10320 Windows directory: C:\Windows
17:11:32.0419 10320 System windows directory: C:\Windows
17:11:32.0419 10320 Running under WOW64
17:11:32.0420 10320 Processor architecture: Intel x64
17:11:32.0420 10320 Number of processors: 8
17:11:32.0420 10320 Page size: 0x1000
17:11:32.0420 10320 Boot type: Normal boot
17:11:32.0420 10320 ============================================================
17:11:32.0877 10320 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:11:32.0886 10320 ============================================================
17:11:32.0886 10320 \Device\Harddisk0\DR0:
17:11:32.0887 10320 MBR partitions:
17:11:32.0887 10320 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
17:11:32.0887 10320 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x2BB7F6F0
17:11:32.0908 10320 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2E2C4000, BlocksNum 0x249F0000
17:11:32.0908 10320 ============================================================
17:11:32.0936 10320 C: <-> \Device\Harddisk0\DR0\Partition2
17:11:32.0984 10320 E: <-> \Device\Harddisk0\DR0\Partition3
17:11:32.0984 10320 ============================================================
17:11:32.0984 10320 Initialize success
17:11:32.0984 10320 ============================================================
17:11:59.0863 6924 ============================================================
17:11:59.0863 6924 Scan started
17:11:59.0863 6924 Mode: Manual; SigCheck; TDLFS;
17:11:59.0863 6924 ============================================================
17:12:00.0076 6924 ================ Scan system memory ========================
17:12:00.0076 6924 System memory - ok
17:12:00.0077 6924 ================ Scan services =============================
17:12:00.0188 6924 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:12:00.0307 6924 1394ohci - ok
17:12:00.0407 6924 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
17:12:00.0440 6924 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
17:12:00.0480 6924 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
17:12:00.0503 6924 Acceler - ok
17:12:00.0562 6924 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:12:00.0606 6924 ACPI - ok
17:12:00.0624 6924 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:12:00.0717 6924 AcpiPmi - ok
17:12:00.0805 6924 [ 3E1A788749D74E4227FFBC3EB8E19F72 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
17:12:00.0835 6924 AcrSch2Svc - ok
17:12:00.0946 6924 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:12:00.0959 6924 AdobeFlashPlayerUpdateSvc - ok
17:12:00.0991 6924 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:12:01.0009 6924 adp94xx - ok
17:12:01.0028 6924 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:12:01.0043 6924 adpahci - ok
17:12:01.0064 6924 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:12:01.0077 6924 adpu320 - ok
17:12:01.0119 6924 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:12:01.0194 6924 AeLookupSvc - ok
17:12:01.0245 6924 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
17:12:01.0253 6924 AERTFilters - ok
17:12:01.0290 6924 [ B794DD8ACC5CC76177156463DAB4BEBB ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
17:12:01.0305 6924 afcdp - ok
17:12:01.0378 6924 [ A07F038B7A28C439ACCDA9CC46EB999F ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
17:12:01.0428 6924 afcdpsrv - ok
17:12:01.0488 6924 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:12:01.0569 6924 AFD - ok
17:12:01.0582 6924 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:12:01.0592 6924 agp440 - ok
17:12:01.0606 6924 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:12:01.0681 6924 ALG - ok
17:12:01.0702 6924 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:12:01.0712 6924 aliide - ok
17:12:01.0715 6924 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:12:01.0725 6924 amdide - ok
17:12:01.0730 6924 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:12:01.0762 6924 AmdK8 - ok
17:12:01.0779 6924 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:12:01.0793 6924 AmdPPM - ok
17:12:01.0824 6924 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:12:01.0835 6924 amdsata - ok
17:12:01.0850 6924 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:12:01.0863 6924 amdsbs - ok
17:12:01.0874 6924 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:12:01.0883 6924 amdxata - ok
17:12:01.0919 6924 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
17:12:01.0984 6924 AMPPAL - ok
17:12:01.0993 6924 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
17:12:02.0005 6924 AMPPALP - ok
17:12:02.0068 6924 [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
17:12:02.0101 6924 AMPPALR3 - ok
17:12:02.0163 6924 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
17:12:02.0231 6924 AppHostSvc - ok
17:12:02.0243 6924 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:12:02.0384 6924 AppID - ok
17:12:02.0417 6924 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:12:02.0487 6924 AppIDSvc - ok
17:12:02.0502 6924 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:12:02.0577 6924 Appinfo - ok
17:12:02.0588 6924 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:12:02.0599 6924 arc - ok
17:12:02.0616 6924 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:12:02.0628 6924 arcsas - ok
17:12:02.0759 6924 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:12:02.0786 6924 aspnet_state - ok
17:12:02.0820 6924 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:12:02.0860 6924 AsyncMac - ok
17:12:02.0912 6924 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:12:02.0943 6924 atapi - ok
17:12:03.0090 6924 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:12:03.0177 6924 AudioEndpointBuilder - ok
17:12:03.0190 6924 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:12:03.0225 6924 AudioSrv - ok
17:12:03.0246 6924 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:12:03.0432 6924 AxInstSV - ok
17:12:03.0479 6924 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:12:03.0531 6924 b06bdrv - ok
17:12:03.0558 6924 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:12:03.0595 6924 b57nd60a - ok
17:12:03.0611 6924 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:12:03.0667 6924 BDESVC - ok
17:12:03.0714 6924 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:12:03.0778 6924 Beep - ok
17:12:03.0802 6924 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:12:03.0851 6924 BFE - ok
17:12:03.0903 6924 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:12:03.0987 6924 BITS - ok
17:12:04.0001 6924 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:12:04.0023 6924 blbdrive - ok
17:12:04.0084 6924 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:12:04.0118 6924 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
17:12:04.0118 6924 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
17:12:04.0174 6924 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:12:04.0195 6924 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
17:12:04.0195 6924 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
17:12:04.0216 6924 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
17:12:04.0229 6924 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
17:12:04.0229 6924 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
17:12:04.0273 6924 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:12:04.0305 6924 Bonjour Service - ok
17:12:04.0339 6924 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:12:04.0401 6924 bowser - ok
17:12:04.0429 6924 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:12:04.0482 6924 BrFiltLo - ok
17:12:04.0501 6924 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:12:04.0529 6924 BrFiltUp - ok
17:12:04.0562 6924 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:12:04.0602 6924 Browser - ok
17:12:04.0612 6924 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:12:04.0658 6924 Brserid - ok
17:12:04.0672 6924 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:12:04.0721 6924 BrSerWdm - ok
17:12:04.0736 6924 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:12:04.0751 6924 BrUsbMdm - ok
17:12:04.0753 6924 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:12:04.0778 6924 BrUsbSer - ok
17:12:04.0901 6924 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:12:04.0952 6924 BthEnum - ok
17:12:04.0962 6924 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:12:04.0989 6924 BTHMODEM - ok
17:12:05.0017 6924 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:12:05.0047 6924 BthPan - ok
17:12:05.0112 6924 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:12:05.0152 6924 BTHPORT - ok
17:12:05.0171 6924 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:12:05.0208 6924 bthserv - ok
17:12:05.0226 6924 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
17:12:05.0235 6924 BTHSSecurityMgr - ok
17:12:05.0271 6924 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:12:05.0298 6924 BTHUSB - ok
17:12:05.0328 6924 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
17:12:05.0366 6924 btmaudio - ok
17:12:05.0391 6924 [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
17:12:05.0422 6924 btmaux - ok
17:12:05.0444 6924 [ 0B1CC2221DC5990E4557A78CE9AFAD4F ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
17:12:05.0472 6924 btmhsf - ok
17:12:05.0502 6924 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:12:05.0553 6924 cdfs - ok
17:12:05.0561 6924 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:12:05.0574 6924 cdrom - ok
17:12:05.0582 6924 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:12:05.0612 6924 CertPropSvc - ok
17:12:05.0649 6924 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
17:12:05.0660 6924 cfwids - ok
17:12:05.0670 6924 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:12:05.0692 6924 circlass - ok
17:12:05.0711 6924 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:12:05.0726 6924 CLFS - ok
17:12:05.0807 6924 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:12:05.0817 6924 clr_optimization_v2.0.50727_32 - ok
17:12:05.0844 6924 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:12:05.0855 6924 clr_optimization_v2.0.50727_64 - ok
17:12:05.0885 6924 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:12:05.0937 6924 clr_optimization_v4.0.30319_32 - ok
17:12:05.0961 6924 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:12:05.0986 6924 clr_optimization_v4.0.30319_64 - ok
17:12:05.0989 6924 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:12:06.0024 6924 CmBatt - ok
17:12:06.0037 6924 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:12:06.0051 6924 cmdide - ok
17:12:06.0095 6924 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:12:06.0128 6924 CNG - ok
17:12:06.0139 6924 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:12:06.0150 6924 Compbatt - ok
17:12:06.0161 6924 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:12:06.0177 6924 CompositeBus - ok
17:12:06.0179 6924 COMSysApp - ok
17:12:06.0190 6924 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:12:06.0200 6924 crcdisk - ok
17:12:06.0232 6924 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:12:06.0289 6924 CryptSvc - ok
17:12:06.0322 6924 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:12:06.0359 6924 CtClsFlt - ok
17:12:06.0389 6924 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:12:06.0442 6924 DcomLaunch - ok
17:12:06.0466 6924 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:12:06.0513 6924 defragsvc - ok
17:12:06.0544 6924 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:12:06.0583 6924 DfsC - ok
17:12:06.0630 6924 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:12:06.0677 6924 Dhcp - ok
17:12:06.0690 6924 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:12:06.0731 6924 discache - ok
17:12:06.0750 6924 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:12:06.0761 6924 Disk - ok
17:12:06.0780 6924 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:12:06.0815 6924 Dnscache - ok
17:12:06.0827 6924 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:12:06.0874 6924 dot3svc - ok
17:12:06.0886 6924 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:12:06.0937 6924 DPS - ok
17:12:06.0966 6924 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:12:06.0990 6924 drmkaud - ok
17:12:07.0032 6924 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:12:07.0053 6924 DXGKrnl - ok
17:12:07.0063 6924 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:12:07.0107 6924 EapHost - ok
17:12:07.0162 6924 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:12:07.0243 6924 ebdrv - ok
17:12:07.0262 6924 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:12:07.0278 6924 EFS - ok
17:12:07.0315 6924 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:12:07.0365 6924 ehRecvr - ok
17:12:07.0371 6924 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:12:07.0388 6924 ehSched - ok
17:12:07.0406 6924 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:12:07.0427 6924 elxstor - ok
17:12:07.0460 6924 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
17:12:07.0474 6924 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
17:12:07.0474 6924 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
17:12:07.0489 6924 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:12:07.0511 6924 ErrDev - ok
17:12:07.0542 6924 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:12:07.0600 6924 EventSystem - ok
17:12:07.0673 6924 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:12:07.0700 6924 EvtEng - ok
17:12:07.0718 6924 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:12:07.0751 6924 exfat - ok
17:12:07.0782 6924 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:12:07.0831 6924 fastfat - ok
17:12:07.0860 6924 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:12:07.0902 6924 Fax - ok
17:12:07.0935 6924 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:12:07.0955 6924 fdc - ok
17:12:07.0966 6924 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:12:07.0996 6924 fdPHost - ok
17:12:08.0002 6924 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:12:08.0048 6924 FDResPub - ok
17:12:08.0066 6924 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:12:08.0076 6924 FileInfo - ok
17:12:08.0088 6924 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:12:08.0141 6924 Filetrace - ok
17:12:08.0158 6924 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:12:08.0169 6924 flpydisk - ok
17:12:08.0180 6924 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:12:08.0194 6924 FltMgr - ok
17:12:08.0242 6924 [ E94E042BC24BB301767A8125D529B705 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
17:12:08.0267 6924 fltsrv - ok
17:12:08.0311 6924 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:12:08.0366 6924 FontCache - ok
17:12:08.0397 6924 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:12:08.0406 6924 FontCache3.0.0.0 - ok
17:12:08.0409 6924 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:12:08.0421 6924 FsDepends - ok
17:12:08.0443 6924 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:12:08.0453 6924 Fs_Rec - ok
17:12:08.0478 6924 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
17:12:08.0488 6924 FTDIBUS - ok
17:12:08.0501 6924 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
17:12:08.0511 6924 FTSER2K - ok
17:12:08.0524 6924 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:12:08.0539 6924 fvevol - ok
17:12:08.0550 6924 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:12:08.0563 6924 gagp30kx - ok
17:12:08.0587 6924 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:12:08.0631 6924 gpsvc - ok
17:12:08.0673 6924 [ 1E45972C783B4E5D287DC20AB847B6DB ] GtDetectSc C:\Program Files\o2 Surfstick Speed\GlobeTrotter Connect\GtDetectSc.exe
17:12:08.0687 6924 GtDetectSc ( UnsignedFile.Multi.Generic ) - warning
17:12:08.0687 6924 GtDetectSc - detected UnsignedFile.Multi.Generic (1)
17:12:08.0718 6924 [ 96441919FCBF65BB9B39B714E3133046 ] GTUHSBUS C:\Windows\system32\DRIVERS\gtuhsbus.sys
17:12:08.0764 6924 GTUHSBUS - ok
17:12:08.0799 6924 [ 24C95A3850A1441DE9FC84CA800BAB1D ] GTUHSNDISIPXP C:\Windows\system32\DRIVERS\gtuhs51.sys
17:12:08.0835 6924 GTUHSNDISIPXP - ok
17:12:08.0864 6924 [ 9D4CD66AB0914F50145220CF620BF746 ] GTUHSOMS C:\Windows\system32\DRIVERS\gtuhsoms.sys
17:12:08.0884 6924 GTUHSOMS - ok
17:12:08.0937 6924 [ 254C2C1052729B925EC76CEC74E87EDA ] GTUHSSER C:\Windows\system32\DRIVERS\gtuhsser.sys
17:12:08.0963 6924 GTUHSSER - ok
17:12:09.0014 6924 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:12:09.0025 6924 gupdate - ok
17:12:09.0031 6924 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:12:09.0041 6924 gupdatem - ok
17:12:09.0052 6924 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:12:09.0097 6924 hcw85cir - ok
17:12:09.0124 6924 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:12:09.0153 6924 HDAudBus - ok
17:12:09.0163 6924 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:12:09.0183 6924 HidBatt - ok
17:12:09.0195 6924 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:12:09.0217 6924 HidBth - ok
17:12:09.0228 6924 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:12:09.0243 6924 HidIr - ok
17:12:09.0269 6924 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:12:09.0310 6924 hidserv - ok
17:12:09.0324 6924 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:12:09.0337 6924 HidUsb - ok
17:12:09.0357 6924 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:12:09.0404 6924 hkmsvc - ok
17:12:09.0418 6924 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:12:09.0444 6924 HomeGroupListener - ok
17:12:09.0462 6924 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:12:09.0487 6924 HomeGroupProvider - ok
17:12:09.0501 6924 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:12:09.0514 6924 HpSAMD - ok
17:12:09.0545 6924 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
17:12:09.0570 6924 HTCAND64 - ok
17:12:09.0609 6924 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
17:12:09.0622 6924 htcnprot - ok
17:12:09.0651 6924 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:12:09.0716 6924 HTTP - ok
17:12:09.0729 6924 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:12:09.0739 6924 hwpolicy - ok
17:12:09.0753 6924 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:12:09.0767 6924 i8042prt - ok
17:12:09.0792 6924 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
17:12:09.0808 6924 iaStor - ok
17:12:09.0827 6924 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:12:09.0844 6924 iaStorV - ok
17:12:09.0852 6924 [ 8A4EC1C3F10385181B1066120C610AE5 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
17:12:09.0873 6924 iBtFltCoex - ok
17:12:09.0916 6924 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:12:09.0942 6924 idsvc - ok
17:12:10.0108 6924 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:12:10.0356 6924 igfx - ok
17:12:10.0365 6924 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:12:10.0376 6924 iirsp - ok
17:12:10.0402 6924 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:12:10.0457 6924 IKEEXT - ok
17:12:10.0495 6924 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
17:12:10.0553 6924 Impcd - ok
17:12:10.0636 6924 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:12:10.0685 6924 IntcAzAudAddService - ok
17:12:10.0713 6924 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:12:10.0739 6924 IntcDAud - ok
17:12:10.0760 6924 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:12:10.0770 6924 intelide - ok
17:12:10.0792 6924 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:12:10.0831 6924 intelppm - ok
17:12:10.0847 6924 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:12:10.0880 6924 IPBusEnum - ok
17:12:10.0889 6924 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:12:10.0919 6924 IpFilterDriver - ok
17:12:10.0938 6924 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:12:10.0986 6924 iphlpsvc - ok
17:12:11.0017 6924 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:12:11.0043 6924 IPMIDRV - ok
17:12:11.0053 6924 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:12:11.0088 6924 IPNAT - ok
17:12:11.0103 6924 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:12:11.0130 6924 IRENUM - ok
17:12:11.0143 6924 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:12:11.0153 6924 isapnp - ok
17:12:11.0162 6924 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:12:11.0177 6924 iScsiPrt - ok
17:12:11.0226 6924 [ E56417C56B6A7316B6F527C890A1860D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
17:12:11.0263 6924 JMCR - ok
17:12:11.0295 6924 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:12:11.0323 6924 kbdclass - ok
17:12:11.0328 6924 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:12:11.0364 6924 kbdhid - ok
17:12:11.0373 6924 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:12:11.0407 6924 KeyIso - ok
17:12:11.0430 6924 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:12:11.0442 6924 KSecDD - ok
17:12:11.0454 6924 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:12:11.0466 6924 KSecPkg - ok
17:12:11.0494 6924 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:12:11.0533 6924 ksthunk - ok
17:12:11.0561 6924 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:12:11.0610 6924 KtmRm - ok
17:12:11.0639 6924 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:12:11.0671 6924 LanmanServer - ok
17:12:11.0687 6924 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:12:11.0718 6924 LanmanWorkstation - ok
17:12:11.0741 6924 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:12:11.0788 6924 lltdio - ok
17:12:11.0816 6924 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:12:11.0857 6924 lltdsvc - ok
17:12:11.0873 6924 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:12:11.0913 6924 lmhosts - ok
17:12:11.0949 6924 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:12:11.0966 6924 LMS - ok
17:12:11.0983 6924 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:12:11.0994 6924 LSI_FC - ok
17:12:12.0002 6924 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:12:12.0014 6924 LSI_SAS - ok
17:12:12.0026 6924 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:12:12.0038 6924 LSI_SAS2 - ok
17:12:12.0049 6924 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:12:12.0061 6924 LSI_SCSI - ok
17:12:12.0130 6924 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:12:12.0184 6924 luafv - ok
17:12:12.0218 6924 [ 23488767CB18FC3FF39E3AF1DB3FB02C ] massfilter C:\Windows\system32\drivers\massfilter.sys
17:12:12.0236 6924 massfilter - ok
17:12:12.0381 6924 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:12:12.0394 6924 MBAMProtector - ok
17:12:12.0446 6924 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:12:12.0465 6924 MBAMService - ok
17:12:12.0530 6924 [ B6BD99C3E23507A732C474CAA620C0D7 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:12:12.0574 6924 McAWFwk - ok
17:12:12.0658 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:12:12.0701 6924 McMPFSvc - ok
17:12:12.0714 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:12:12.0728 6924 mcmscsvc - ok
17:12:12.0733 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:12:12.0747 6924 McNaiAnn - ok
17:12:12.0752 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:12:12.0766 6924 McNASvc - ok
17:12:12.0802 6924 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
17:12:12.0833 6924 McODS - ok
17:12:12.0838 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:12:12.0852 6924 McOobeSv - ok
17:12:12.0857 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:12:12.0871 6924 McProxy - ok
17:12:12.0901 6924 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:12:12.0929 6924 McShield - ok
17:12:12.0954 6924 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:12:12.0999 6924 Mcx2Svc - ok
17:12:13.0025 6924 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:12:13.0036 6924 megasas - ok
17:12:13.0051 6924 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:12:13.0066 6924 MegaSR - ok
17:12:13.0081 6924 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:12:13.0092 6924 MEIx64 - ok
17:12:13.0123 6924 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
17:12:13.0155 6924 mfeapfk - ok
17:12:13.0187 6924 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
17:12:13.0217 6924 mfeavfk - ok
17:12:13.0257 6924 mfeavfk01 - ok
17:12:13.0299 6924 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:12:13.0334 6924 mfefire - ok
17:12:13.0356 6924 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
17:12:13.0374 6924 mfefirek - ok
17:12:13.0424 6924 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
17:12:13.0464 6924 mfehidk - ok
17:12:13.0475 6924 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
17:12:13.0487 6924 mfenlfk - ok
17:12:13.0519 6924 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
17:12:13.0532 6924 mferkdet - ok
17:12:13.0557 6924 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Windows\system32\mfevtps.exe
17:12:13.0571 6924 mfevtp - ok
17:12:13.0591 6924 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
17:12:13.0607 6924 mfewfpk - ok
17:12:13.0632 6924 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:12:13.0663 6924 MMCSS - ok
17:12:13.0678 6924 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:12:13.0719 6924 Modem - ok
17:12:13.0746 6924 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:12:13.0775 6924 monitor - ok
17:12:13.0792 6924 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:12:13.0802 6924 mouclass - ok
17:12:13.0811 6924 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:12:13.0823 6924 mouhid - ok
17:12:13.0834 6924 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:12:13.0845 6924 mountmgr - ok
17:12:13.0930 6924 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:12:13.0962 6924 MozillaMaintenance - ok
17:12:13.0974 6924 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:12:13.0987 6924 mpio - ok
17:12:13.0999 6924 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:12:14.0029 6924 mpsdrv - ok
17:12:14.0052 6924 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:12:14.0104 6924 MpsSvc - ok
17:12:14.0120 6924 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:12:14.0164 6924 MRxDAV - ok
17:12:14.0191 6924 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:12:14.0239 6924 mrxsmb - ok
17:12:14.0265 6924 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:12:14.0304 6924 mrxsmb10 - ok
17:12:14.0342 6924 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:12:14.0379 6924 mrxsmb20 - ok
17:12:14.0403 6924 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:12:14.0422 6924 msahci - ok
17:12:14.0438 6924 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:12:14.0452 6924 msdsm - ok
17:12:14.0465 6924 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:12:14.0481 6924 MSDTC - ok
17:12:14.0586 6924 [ 8B6BE9A0C37A741F8A7EC604D6DCE9A7 ] MsDtsServer C:\Program Files (x86)\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
17:12:14.0621 6924 MsDtsServer - ok
17:12:14.0651 6924 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:12:14.0703 6924 Msfs - ok
17:12:14.0799 6924 [ 64149160CCBAE488D61ABE3F46E8A95F ] msftesql C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
17:12:14.0829 6924 msftesql - ok
17:12:14.0846 6924 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:12:14.0890 6924 mshidkmdf - ok
17:12:14.0906 6924 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:12:14.0916 6924 msisadrv - ok
17:12:14.0938 6924 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:12:14.0970 6924 MSiSCSI - ok
17:12:14.0973 6924 msiserver - ok
17:12:14.0988 6924 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:12:15.0002 6924 MSK80Service - ok
17:12:15.0017 6924 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:12:15.0061 6924 MSKSSRV - ok
17:12:15.0072 6924 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:12:15.0114 6924 MSPCLOCK - ok
17:12:15.0124 6924 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:12:15.0167 6924 MSPQM - ok
17:12:15.0185 6924 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:12:15.0201 6924 MsRPC - ok
17:12:15.0212 6924 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:12:15.0222 6924 mssmbios - ok
17:12:15.0272 6924 MSSQL$SQLEXPRESS - ok
17:12:15.0285 6924 MSSQLSERVER - ok
17:12:15.0317 6924 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
17:12:15.0326 6924 MSSQLServerADHelper - ok
17:12:15.0386 6924 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:12:15.0396 6924 MSSQLServerADHelper100 - ok
17:12:15.0604 6924 [ 0D85A542737CB25314CAF92AF896DD0D ] MSSQLServerOLAPService C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
17:12:15.0785 6924 MSSQLServerOLAPService - ok
17:12:15.0802 6924 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:12:15.0840 6924 MSTEE - ok
17:12:15.0851 6924 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:12:15.0862 6924 MTConfig - ok
17:12:15.0873 6924 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:12:15.0884 6924 Mup - ok
17:12:15.0958 6924 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:12:15.0997 6924 MyWiFiDHCPDNS - ok
17:12:16.0022 6924 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:12:16.0057 6924 napagent - ok
17:12:16.0089 6924 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:12:16.0136 6924 NativeWifiP - ok
17:12:16.0210 6924 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:12:16.0272 6924 NAUpdate - ok
17:12:16.0325 6924 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:12:16.0372 6924 NDIS - ok
17:12:16.0382 6924 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:12:16.0411 6924 NdisCap - ok
17:12:16.0419 6924 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:12:16.0448 6924 NdisTapi - ok
17:12:16.0460 6924 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:12:16.0488 6924 Ndisuio - ok
17:12:16.0502 6924 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:12:16.0544 6924 NdisWan - ok
17:12:16.0559 6924 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:12:16.0611 6924 NDProxy - ok
17:12:16.0623 6924 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:12:16.0667 6924 NetBIOS - ok
17:12:16.0689 6924 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:12:16.0720 6924 NetBT - ok
17:12:16.0728 6924 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:12:16.0739 6924 Netlogon - ok
17:12:16.0765 6924 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:12:16.0827 6924 Netman - ok
17:12:16.0849 6924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:12:16.0887 6924 NetMsmqActivator - ok
17:12:16.0908 6924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:12:16.0917 6924 NetPipeActivator - ok
17:12:16.0938 6924 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:12:16.0974 6924 netprofm - ok
17:12:16.0977 6924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:12:16.0987 6924 NetTcpActivator - ok
17:12:16.0990 6924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:12:16.0999 6924 NetTcpPortSharing - ok
17:12:17.0126 6924 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
17:12:17.0315 6924 NETwNs64 - ok
17:12:17.0334 6924 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:12:17.0345 6924 nfrd960 - ok
17:12:17.0364 6924 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:12:17.0412 6924 NlaSvc - ok
17:12:17.0494 6924 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:12:17.0534 6924 NOBU - ok
17:12:17.0547 6924 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:12:17.0578 6924 Npfs - ok
17:12:17.0587 6924 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:12:17.0628 6924 nsi - ok
17:12:17.0644 6924 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:12:17.0674 6924 nsiproxy - ok
17:12:17.0726 6924 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:12:17.0772 6924 Ntfs - ok
17:12:17.0784 6924 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:12:17.0827 6924 Null - ok
17:12:17.0849 6924 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:12:17.0865 6924 nusb3hub - ok
17:12:17.0899 6924 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:12:17.0931 6924 nusb3xhc - ok
17:12:17.0973 6924 [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:12:17.0988 6924 NVHDA - ok
17:12:18.0170 6924 [ 573B0941A37AEBEE96085D56A103F57B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:12:18.0333 6924 nvlddmkm - ok
17:12:18.0364 6924 [ 43AF7EBEAC2AB623468E32CADDCB61A4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
17:12:18.0376 6924 nvpciflt - ok
17:12:18.0385 6924 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:12:18.0398 6924 nvraid - ok
17:12:18.0408 6924 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:12:18.0421 6924 nvstor - ok
17:12:18.0437 6924 [ 9E01B716C8085F7ADB1CDC10103CEEF8 ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys
17:12:18.0450 6924 NvStUSB - ok
17:12:18.0489 6924 [ C500760572C6059918FB0C960967695B ] NVSvc C:\Windows\system32\nvvsvc.exe
17:12:18.0513 6924 NVSvc - ok
17:12:18.0571 6924 [ F28169A7ADF7B41809CF92D369E744F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:12:18.0605 6924 nvUpdatusService - ok
17:12:18.0617 6924 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:12:18.0630 6924 nv_agp - ok
17:12:18.0671 6924 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:12:18.0721 6924 ohci1394 - ok
17:12:18.0757 6924 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:12:18.0769 6924 ose - ok
17:12:18.0867 6924 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:12:19.0006 6924 osppsvc - ok
17:12:19.0032 6924 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:12:19.0071 6924 p2pimsvc - ok
17:12:19.0083 6924 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:12:19.0101 6924 p2psvc - ok
17:12:19.0114 6924 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:12:19.0134 6924 Parport - ok
17:12:19.0163 6924 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:12:19.0174 6924 partmgr - ok
17:12:19.0225 6924 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
17:12:19.0229 6924 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
17:12:19.0229 6924 PassThru Service - detected UnsignedFile.Multi.Generic (1)
17:12:19.0240 6924 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:12:19.0267 6924 PcaSvc - ok
17:12:19.0284 6924 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:12:19.0297 6924 pci - ok
17:12:19.0309 6924 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:12:19.0320 6924 pciide - ok
17:12:19.0334 6924 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:12:19.0347 6924 pcmcia - ok
17:12:19.0357 6924 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:12:19.0367 6924 pcw - ok
17:12:19.0384 6924 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:12:19.0436 6924 PEAUTH - ok
17:12:19.0507 6924 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:12:19.0542 6924 PerfHost - ok
17:12:19.0572 6924 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:12:19.0644 6924 pla - ok
17:12:19.0671 6924 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:12:19.0721 6924 PlugPlay - ok
17:12:19.0730 6924 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:12:19.0764 6924 PNRPAutoReg - ok
17:12:19.0791 6924 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:12:19.0805 6924 PNRPsvc - ok
17:12:19.0831 6924 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:12:19.0893 6924 PolicyAgent - ok
17:12:19.0920 6924 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:12:19.0978 6924 Power - ok
17:12:20.0003 6924 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:12:20.0047 6924 PptpMiniport - ok
17:12:20.0074 6924 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:12:20.0112 6924 Processor - ok
17:12:20.0133 6924 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:12:20.0175 6924 ProfSvc - ok
17:12:20.0178 6924 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:12:20.0189 6924 ProtectedStorage - ok
17:12:20.0222 6924 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:12:20.0294 6924 Psched - ok
17:12:20.0323 6924 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:12:20.0335 6924 PxHlpa64 - ok
17:12:20.0354 6924 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\Windows\system32\DRIVERS\qicflt.sys
17:12:20.0365 6924 qicflt - ok
17:12:20.0399 6924 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:12:20.0445 6924 ql2300 - ok
17:12:20.0455 6924 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:12:20.0467 6924 ql40xx - ok
17:12:20.0488 6924 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:12:20.0507 6924 QWAVE - ok
17:12:20.0517 6924 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:12:20.0533 6924 QWAVEdrv - ok
17:12:20.0542 6924 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:12:20.0572 6924 RasAcd - ok
17:12:20.0593 6924 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:12:20.0623 6924 RasAgileVpn - ok
17:12:20.0636 6924 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:12:20.0682 6924 RasAuto - ok
17:12:20.0705 6924 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:12:20.0743 6924 Rasl2tp - ok
17:12:20.0759 6924 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:12:20.0794 6924 RasMan - ok
17:12:20.0819 6924 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:12:20.0862 6924 RasPppoe - ok
17:12:20.0874 6924 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:12:20.0922 6924 RasSstp - ok
17:12:20.0952 6924 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:12:20.0986 6924 rdbss - ok
17:12:20.0995 6924 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:12:21.0021 6924 rdpbus - ok
17:12:21.0036 6924 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:12:21.0065 6924 RDPCDD - ok
17:12:21.0068 6924 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:12:21.0110 6924 RDPENCDD - ok
17:12:21.0124 6924 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:12:21.0153 6924 RDPREFMP - ok
17:12:21.0182 6924 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:12:21.0219 6924 RDPWD - ok
17:12:21.0258 6924 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:12:21.0286 6924 rdyboost - ok
17:12:21.0373 6924 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:12:21.0409 6924 RegSrvc - ok
17:12:21.0427 6924 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:12:21.0457 6924 RemoteAccess - ok
17:12:21.0465 6924 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:12:21.0509 6924 RemoteRegistry - ok
17:12:21.0532 6924 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:12:21.0548 6924 RFCOMM - ok
17:12:21.0653 6924 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:12:21.0744 6924 RoxMediaDB12OEM - ok
17:12:21.0766 6924 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:12:21.0780 6924 RoxWatch12 - ok
17:12:21.0790 6924 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:12:21.0865 6924 RpcEptMapper - ok
17:12:21.0891 6924 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:12:21.0925 6924 RpcLocator - ok
17:12:21.0947 6924 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:12:21.0982 6924 RpcSs - ok
17:12:22.0016 6924 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
17:12:22.0030 6924 RsFx0103 - ok
17:12:22.0063 6924 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:12:22.0095 6924 rspndr - ok
17:12:22.0112 6924 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:12:22.0128 6924 RTL8167 - ok
17:12:22.0137 6924 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:12:22.0148 6924 SamSs - ok
17:12:22.0162 6924 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:12:22.0173 6924 sbp2port - ok
17:12:22.0192 6924 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:12:22.0235 6924 SCardSvr - ok
17:12:22.0251 6924 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:12:22.0312 6924 scfilter - ok
17:12:22.0342 6924 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:12:22.0390 6924 Schedule - ok
17:12:22.0406 6924 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:12:22.0435 6924 SCPolicySvc - ok
17:12:22.0474 6924 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:12:22.0514 6924 sdbus - ok
17:12:22.0534 6924 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:12:22.0560 6924 SDRSVC - ok
17:12:22.0594 6924 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:12:22.0631 6924 SeaPort - ok
17:12:22.0665 6924 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:12:22.0732 6924 secdrv - ok
17:12:22.0749 6924 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:12:22.0779 6924 seclogon - ok
17:12:22.0787 6924 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:12:22.0849 6924 SENS - ok
17:12:22.0851 6924 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:12:22.0877 6924 SensrSvc - ok
17:12:22.0903 6924 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:12:22.0937 6924 Serenum - ok
17:12:22.0946 6924 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:12:22.0960 6924 Serial - ok
17:12:22.0970 6924 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:12:22.0983 6924 sermouse - ok
17:12:22.0997 6924 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:12:23.0039 6924 SessionEnv - ok
17:12:23.0055 6924 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:12:23.0069 6924 sffdisk - ok
17:12:23.0081 6924 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:12:23.0096 6924 sffp_mmc - ok
17:12:23.0104 6924 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:12:23.0128 6924 sffp_sd - ok
17:12:23.0141 6924 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:12:23.0154 6924 sfloppy - ok
17:12:23.0227 6924 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:12:23.0256 6924 SftService - ok
17:12:23.0341 6924 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:12:23.0407 6924 SharedAccess - ok
17:12:23.0423 6924 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:12:23.0458 6924 ShellHWDetection - ok
17:12:23.0480 6924 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:12:23.0491 6924 SiSRaid2 - ok
17:12:23.0507 6924 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:12:23.0519 6924 SiSRaid4 - ok
17:12:23.0536 6924 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:12:23.0601 6924 Smb - ok
17:12:23.0630 6924 [ BBFB94699C8C265A6AF5FD51BDE26DFC ] snapman C:\Windows\system32\DRIVERS\snapman.sys
17:12:23.0647 6924 snapman - ok
17:12:23.0672 6924 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:12:23.0713 6924 SNMPTRAP - ok
17:12:23.0727 6924 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:12:23.0736 6924 spldr - ok
17:12:23.0777 6924 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:12:23.0816 6924 Spooler - ok
17:12:23.0864 6924 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:12:23.0972 6924 sppsvc - ok
17:12:23.0979 6924 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:12:24.0009 6924 sppuinotify - ok
17:12:24.0101 6924 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:12:24.0137 6924 SQLAgent$SQLEXPRESS - ok
17:12:24.0205 6924 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:12:24.0233 6924 SQLBrowser - ok
17:12:24.0290 6924 [ 7847EF1DB2E289BE82CBC70CF4D98FF8 ] SQLSERVERAGENT C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
17:12:24.0316 6924 SQLSERVERAGENT - ok
17:12:24.0339 6924 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:12:24.0368 6924 SQLWriter - ok
17:12:24.0416 6924 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:12:24.0468 6924 srv - ok
17:12:24.0499 6924 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:12:24.0530 6924 srv2 - ok
17:12:24.0559 6924 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:12:24.0572 6924 srvnet - ok
17:12:24.0589 6924 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:12:24.0623 6924 SSDPSRV - ok
17:12:24.0633 6924 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:12:24.0664 6924 SstpSvc - ok
17:12:24.0685 6924 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
17:12:24.0695 6924 stdcfltn - ok
17:12:24.0746 6924 [ 0683504BBB3FFC0A73D9D217B63DD0E0 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:12:24.0771 6924 Stereo Service - ok
17:12:24.0794 6924 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:12:24.0804 6924 stexstor - ok
17:12:24.0832 6924 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:12:24.0867 6924 stisvc - ok
17:12:24.0906 6924 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:12:24.0930 6924 stllssvr - ok
17:12:24.0958 6924 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:12:24.0968 6924 swenum - ok
17:12:25.0059 6924 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:12:25.0110 6924 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:12:25.0110 6924 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:12:25.0135 6924 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:12:25.0220 6924 swprv - ok
17:12:25.0347 6924 [ 6ECA1DCBE9A944239E3F01E0ADE6440A ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
17:12:25.0420 6924 syncagentsrv - ok
17:12:25.0462 6924 [ B0C7D4DCF4800DF2F2145B500D0161E8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:12:25.0503 6924 SynTP - ok
17:12:25.0538 6924 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:12:25.0620 6924 SysMain - ok
17:12:25.0647 6924 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:12:25.0665 6924 TabletInputService - ok
17:12:25.0711 6924 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:12:25.0759 6924 TapiSrv - ok
17:12:25.0771 6924 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:12:25.0803 6924 TBS - ok
17:12:25.0869 6924 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:12:25.0946 6924 Tcpip - ok
17:12:25.0974 6924 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:12:26.0006 6924 TCPIP6 - ok
17:12:26.0047 6924 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:12:26.0121 6924 tcpipreg - ok
17:12:26.0136 6924 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:12:26.0171 6924 TDPIPE - ok
17:12:26.0252 6924 [ 9C1A823D4E729C965167B6E71E984296 ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys
17:12:26.0287 6924 tdrpman - ok
17:12:26.0320 6924 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:12:26.0364 6924 TDTCP - ok
17:12:26.0381 6924 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:12:26.0411 6924 tdx - ok
17:12:26.0424 6924 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:12:26.0434 6924 TermDD - ok
17:12:26.0448 6924 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:12:26.0499 6924 TermService - ok
17:12:26.0502 6924 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:12:26.0518 6924 Themes - ok
17:12:26.0540 6924 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:12:26.0572 6924 THREADORDER - ok
17:12:26.0595 6924 [ 990447334615A0DB84F620E1426DCFE0 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
17:12:26.0624 6924 timounter - ok
17:12:26.0638 6924 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:12:26.0683 6924 TrkWks - ok
17:12:26.0727 6924 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:12:26.0789 6924 TrustedInstaller - ok
17:12:26.0801 6924 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:12:26.0842 6924 tssecsrv - ok
17:12:26.0858 6924 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:12:26.0881 6924 TsUsbFlt - ok
17:12:26.0896 6924 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:12:26.0908 6924 TsUsbGD - ok
17:12:26.0924 6924 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:12:26.0965 6924 tunnel - ok
17:12:26.0976 6924 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
17:12:26.0987 6924 TurboB - ok
17:12:27.0041 6924 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:12:27.0051 6924 TurboBoost - ok
17:12:27.0060 6924 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:12:27.0072 6924 uagp35 - ok
17:12:27.0110 6924 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:12:27.0173 6924 udfs - ok
17:12:27.0230 6924 [ 30B78A6296127B7A793CF42CA61B29B0 ] UI Assistant Service C:\Program Files (x86)\Join Air\AssistantServices.exe
17:12:27.0255 6924 UI Assistant Service - ok
17:12:27.0271 6924 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:12:27.0296 6924 UI0Detect - ok
17:12:27.0308 6924 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:12:27.0319 6924 uliagpkx - ok
17:12:27.0328 6924 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:12:27.0350 6924 umbus - ok
17:12:27.0367 6924 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:12:27.0388 6924 UmPass - ok
17:12:27.0484 6924 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:12:27.0530 6924 UNS - ok
17:12:27.0547 6924 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:12:27.0591 6924 upnphost - ok
17:12:27.0610 6924 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:12:27.0668 6924 usbccgp - ok
17:12:27.0689 6924 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:12:27.0705 6924 usbcir - ok
17:12:27.0719 6924 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:12:27.0744 6924 usbehci - ok
17:12:27.0776 6924 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:12:27.0822 6924 usbhub - ok
17:12:27.0841 6924 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:12:27.0878 6924 usbohci - ok
17:12:27.0890 6924 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:12:27.0912 6924 usbprint - ok
17:12:27.0926 6924 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:12:27.0975 6924 USBSTOR - ok
17:12:27.0994 6924 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:12:28.0018 6924 usbuhci - ok
17:12:28.0033 6924 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:12:28.0060 6924 usbvideo - ok
17:12:28.0073 6924 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:12:28.0115 6924 UxSms - ok
17:12:28.0128 6924 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:12:28.0140 6924 VaultSvc - ok
17:12:28.0146 6924 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:12:28.0156 6924 vdrvroot - ok
17:12:28.0168 6924 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:12:28.0216 6924 vds - ok
17:12:28.0228 6924 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:12:28.0243 6924 vga - ok
17:12:28.0252 6924 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:12:28.0283 6924 VgaSave - ok
17:12:28.0298 6924 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:12:28.0312 6924 vhdmp - ok
17:12:28.0322 6924 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:12:28.0332 6924 viaide - ok
17:12:28.0358 6924 [ EE12FAFFDD1FB13BE0D6EF67CB0D1617 ] vididr C:\Windows\system32\DRIVERS\vididr.sys
17:12:28.0393 6924 vididr - ok
17:12:28.0413 6924 [ 2DFD1EB9DE564460003DE1605A275E8D ] vidsflt61 C:\Windows\system32\DRIVERS\vsflt61.sys
17:12:28.0426 6924 vidsflt61 - ok
17:12:28.0436 6924 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:12:28.0447 6924 volmgr - ok
17:12:28.0460 6924 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:12:28.0476 6924 volmgrx - ok
17:12:28.0488 6924 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:12:28.0504 6924 volsnap - ok
17:12:28.0526 6924 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:12:28.0539 6924 vsmraid - ok
17:12:28.0591 6924 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:12:28.0668 6924 VSS - ok
17:12:28.0687 6924 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:12:28.0715 6924 vwifibus - ok
17:12:28.0731 6924 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:12:28.0747 6924 vwififlt - ok
17:12:28.0757 6924 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:12:28.0773 6924 vwifimp - ok
17:12:28.0787 6924 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:12:28.0823 6924 W32Time - ok
17:12:28.0896 6924 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
17:12:28.0938 6924 W3SVC - ok
17:12:28.0951 6924 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:12:28.0963 6924 WacomPen - ok
17:12:28.0977 6924 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:12:29.0038 6924 WANARP - ok
17:12:29.0041 6924 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:12:29.0069 6924 Wanarpv6 - ok
17:12:29.0091 6924 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
17:12:29.0105 6924 WAS - ok
17:12:29.0129 6924 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:12:29.0203 6924 wbengine - ok
17:12:29.0212 6924 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:12:29.0232 6924 WbioSrvc - ok
17:12:29.0248 6924 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:12:29.0276 6924 wcncsvc - ok
17:12:29.0288 6924 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:12:29.0323 6924 WcsPlugInService - ok
17:12:29.0333 6924 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:12:29.0343 6924 Wd - ok
17:12:29.0361 6924 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:12:29.0382 6924 Wdf01000 - ok
17:12:29.0398 6924 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:12:29.0502 6924 WdiServiceHost - ok
17:12:29.0505 6924 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:12:29.0521 6924 WdiSystemHost - ok
17:12:29.0534 6924 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:12:29.0566 6924 WebClient - ok
17:12:29.0584 6924 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:12:29.0631 6924 Wecsvc - ok
17:12:29.0650 6924 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:12:29.0697 6924 wercplsupport - ok
17:12:29.0717 6924 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:12:29.0748 6924 WerSvc - ok
17:12:29.0760 6924 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:12:29.0789 6924 WfpLwf - ok
17:12:29.0830 6924 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:12:29.0862 6924 WimFltr - ok
17:12:29.0874 6924 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:12:29.0884 6924 WIMMount - ok
17:12:29.0909 6924 WinDefend - ok
17:12:29.0935 6924 WinHttpAutoProxySvc - ok
17:12:30.0003 6924 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:12:30.0061 6924 Winmgmt - ok
17:12:30.0123 6924 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:12:30.0194 6924 WinRM - ok
17:12:30.0246 6924 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:12:30.0307 6924 Wlansvc - ok
17:12:30.0339 6924 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:12:30.0349 6924 wlcrasvc - ok
17:12:30.0427 6924 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:12:30.0465 6924 wlidsvc - ok
17:12:30.0471 6924 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:12:30.0494 6924 WmiAcpi - ok
17:12:30.0513 6924 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:12:30.0528 6924 wmiApSrv - ok
17:12:30.0534 6924 WMPNetworkSvc - ok
17:12:30.0566 6924 [ B5BD872122A2CE82D196ABF2D5D8D80A ] WMSVC C:\Windows\system32\inetsrv\wmsvc.exe
17:12:30.0607 6924 WMSVC - ok
17:12:30.0615 6924 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:12:30.0636 6924 WPCSvc - ok
17:12:30.0648 6924 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:12:30.0663 6924 WPDBusEnum - ok
17:12:30.0698 6924 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:12:30.0728 6924 ws2ifsl - ok
17:12:30.0735 6924 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:12:30.0761 6924 wscsvc - ok
17:12:30.0764 6924 WSearch - ok
17:12:30.0829 6924 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:12:30.0911 6924 wuauserv - ok
17:12:30.0922 6924 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:12:30.0984 6924 WudfPf - ok
17:12:31.0003 6924 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:31.0049 6924 WUDFRd - ok
17:12:31.0065 6924 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:12:31.0095 6924 wudfsvc - ok
17:12:31.0105 6924 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:12:31.0139 6924 WwanSvc - ok
17:12:31.0185 6924 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
17:12:31.0235 6924 ZTEusbmdm6k - ok
17:12:31.0247 6924 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
17:12:31.0258 6924 ZTEusbnmea - ok
17:12:31.0270 6924 [ FF5A03A65B68DB7E02A12880399D40D4 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
17:12:31.0281 6924 ZTEusbser6k - ok
17:12:31.0302 6924 ================ Scan global ===============================
17:12:31.0334 6924 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:12:31.0350 6924 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:12:31.0357 6924 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:12:31.0374 6924 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:12:31.0400 6924 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:12:31.0409 6924 [Global] - ok
17:12:31.0410 6924 ================ Scan MBR ==================================
17:12:31.0424 6924 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:12:31.0797 6924 \Device\Harddisk0\DR0 - ok
17:12:31.0798 6924 ================ Scan VBR ==================================
17:12:31.0802 6924 [ AA770D09DD7B8F709D05C0661C35163A ] \Device\Harddisk0\DR0\Partition1
17:12:31.0805 6924 \Device\Harddisk0\DR0\Partition1 - ok
17:12:31.0830 6924 [ 366EEE7971EBB79F5562314C85148A0E ] \Device\Harddisk0\DR0\Partition2
17:12:31.0832 6924 \Device\Harddisk0\DR0\Partition2 - ok
17:12:31.0856 6924 [ B42A23CB2A33C92BB51252C18D8570E1 ] \Device\Harddisk0\DR0\Partition3
17:12:31.0858 6924 \Device\Harddisk0\DR0\Partition3 - ok
17:12:31.0858 6924 ============================================================
17:12:31.0858 6924 Scan finished
17:12:31.0858 6924 ============================================================
17:12:31.0865 11672 Detected object count: 7
17:12:31.0865 11672 Actual detected object count: 7
17:13:11.0397 11672 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0397 11672 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:11.0398 11672 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0398 11672 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:11.0399 11672 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0399 11672 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:11.0400 11672 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0400 11672 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:11.0401 11672 GtDetectSc ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0401 11672 GtDetectSc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:11.0402 11672 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0402 11672 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:11.0403 11672 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:11.0403 11672 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
04.09.2012, 18:51
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PopUp rechts unten, Weiterleitung von Links Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2012, 17:05
| #21 |
| | PopUp rechts unten, Weiterleitung von Links hier das Ergebnis von ComboFix Combofix Logfile: Code:
ATTFilter ComboFix 12-09-05.01 - martinh 05.09.2012 17:04:26.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8086.5771 [GMT 2:00]
ausgeführt von:: c:\users\martinh\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\07439fd5-7039-4014-b635-5bf088a1465b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\0d85b53c-d766-4bf0-8940-17b534910268.dll
c:\programdata\PCDr\6032\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\140239b3-d59a-46fa-b856-17682a46cb44.dll
c:\programdata\PCDr\6032\AddOnDownloaded\16837627-a839-41c5-a88f-3a0335128383.dll
c:\programdata\PCDr\6032\AddOnDownloaded\16ab6978-b6b5-41fa-81a1-8bffc55a69b9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
c:\programdata\PCDr\6032\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
c:\programdata\PCDr\6032\AddOnDownloaded\246b20c1-8ea9-4148-a34e-d03c8a1d5a76.dll
c:\programdata\PCDr\6032\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\27e5bc9a-105f-4d7f-8352-e6ef1c8933dd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\2ee79d71-badc-46b4-b731-42b15f3cd1c3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3a79f062-8f3e-464f-9815-2c45840494ee.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3e4c86d5-a5c1-4c3f-8fc7-6258992b16c5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
c:\programdata\PCDr\6032\AddOnDownloaded\493f295d-1a46-46f6-926c-63b474cedab4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5e1c102f-bfde-420c-87c0-64fe851888e5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6928cebe-dc61-4564-a488-e19724a8de68.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7014e871-cc3b-4dec-b82b-bc70222b40ed.dll
c:\programdata\PCDr\6032\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\813755dc-2229-47a2-b85b-19d0aaa641c9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\872965c7-08b7-47fc-a74c-ff167590b71a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8a6735b1-c078-4648-9416-b6bb29ec3dc1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8d357f17-07ad-4392-ba06-fb67564c98cd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9ad10df8-6662-488d-9a0f-1fab1ee3403d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\9f8591c3-5048-42f7-9553-387b30449f54.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a2192d8a-3d73-4ff7-be9b-02134f41db63.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a4930af9-016c-4915-a740-a3364e7618aa.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a9de0c84-9a7c-4638-9653-13aa8cf56e80.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ac96894a-064b-4c44-a457-9d5aaee7032a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\adb45b82-004f-4eed-bd54-d60d7eda1ff5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ae67b364-b69e-471e-b177-2459120b84d4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2152f30-7380-4987-8fcf-e4c06952615d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b2ed8d53-41ce-48e6-b4ac-8b8e5e1a4fdf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b4cc2a4a-87f5-49cd-935c-18f1a80e65b7.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b9ce760f-6209-48f2-a4a3-695324591c45.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bbfa36b0-30b0-4e36-8d8c-69df1d87626b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bc6fc708-5b6b-4a72-b336-09b3089baa7a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c2690c4c-81f4-4565-a861-643c7af1fa90.dll
c:\programdata\PCDr\6032\AddOnDownloaded\c4211805-b43b-471d-81af-4e0589f8607b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cdda52ec-6ccd-425a-8c72-b7bbdc8b3acd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll
c:\programdata\PCDr\6032\AddOnDownloaded\d34c0cf7-889f-43dd-9283-b2b6f442aae3.dll
c:\programdata\PCDr\6032\AddOnDownloaded\daf30858-49d8-434b-b4b1-068b5dc9267c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e45cd45a-4d7c-4802-881f-74582b847e5c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e86f11dd-8b83-43cc-899e-f935ce0a1ea0.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e9bb45d9-5a2b-47e8-9c48-168276d422cc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\eb1a169a-7868-4b2c-ae46-52b55b4db151.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ef78c3e8-1d94-4219-8070-7617e119bba4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f06c5597-1a85-4d1f-ac16-a6fdd2a6bedc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f80d4ad1-1fad-43b5-b6f3-347848b5ddd5.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f9dc840b-c6f7-42a5-acec-50cc7a2827fd.dll
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-05 bis 2012-09-05 ))))))))))))))))))))))))))))))
.
.
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\hirsch\AppData\Local\temp
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\HHV_83\AppData\Local\temp
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\GHV\AppData\Local\temp
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-05 15:24 . 2012-09-05 15:24 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2012-09-04 03:37 . 2012-09-04 03:37 -------- d-----w- C:\_OTL
2012-08-30 05:48 . 2012-08-30 05:48 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-08-23 07:08 . 2012-08-23 07:08 -------- d-----w- c:\programdata\PC-Doctor for Windows
2012-08-18 14:04 . 2012-08-18 14:04 -------- d-----w- c:\program files (x86)\ESET
2012-08-15 16:05 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 06:25 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 06:25 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 06:25 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 06:25 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 06:25 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 06:25 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 06:25 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 06:25 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 06:25 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 06:25 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 06:25 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 06:25 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 16:01 . 2011-12-04 07:57 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-15 07:45 . 2012-04-11 05:54 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 07:45 . 2011-10-12 13:32 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-03 11:46 . 2012-07-30 16:16 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-22 12:02 . 2010-06-24 09:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-09 05:43 . 2012-07-11 08:44 14172672 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-02-06 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-05-30 885760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-08 495616]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-08 856064]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-01-03 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-01-03 815512]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-12-16 5992064]
"UIExec"="c:\program files (x86)\Join Air\UIExec.exe" [2010-04-27 138072]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\martinh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HyperSnap 7.lnk - c:\program files (x86)\HyperSnap 7\HprSnap7.exe [2012-5-9 3252736]
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
o2 Verbindungsmanager.lnk - c:\program files\o2 Surfstick Speed\GlobeTrotter Connect\o2 Verbindungsmanager.exe [2009-1-27 1435648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 995392]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-22 2009704]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 1335360]
R3 GTUHSBUS;GT UHS BUS;c:\windows\system32\DRIVERS\gtuhsbus.sys [2008-12-08 85504]
R3 GTUHSNDISIPXP;GT UHS IP NDIS;c:\windows\system32\DRIVERS\gtuhs51.sys [2008-12-08 124928]
R3 GTUHSOMS;GT UHS OMS;c:\windows\system32\DRIVERS\gtuhsoms.sys [2008-12-08 29184]
R3 GTUHSSER;GT UHS SER;c:\windows\system32\DRIVERS\gtuhsser.sys [2008-12-08 10624]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-15 174168]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-05 11776]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-30 220528]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-30 114144]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-28 340240]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-03-04 174184]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys [2010-12-12 121960]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe [2009-07-14 10752]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-02-16 133728]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-04-22 25960]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2012-02-16 211040]
S0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\DRIVERS\vsflt61.sys [2012-02-16 142944]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-02-16 3483600]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-08 1166848]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 921664]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
S2 GtDetectSc;GtDetectSc;c:\program files\o2 Surfstick Speed\GlobeTrotter Connect\GtDetectSc.exe [2008-05-08 314880]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
S2 MsDtsServer;SQL Server Integration Services;c:\program files (x86)\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 199384]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-21 378472]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2011-12-16 5891048]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Join Air\AssistantServices.exe [2010-04-27 247152]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-02-16 367200]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-05-19 53248]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 282624]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-19 59904]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-08-04 8604672]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 07:45]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 12:00]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 12:00]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-922914623-1579024045-3891080990-1001Core.job
- c:\users\martinh\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 12:32]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-922914623-1579024045-3891080990-1001UA.job
- c:\users\martinh\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 12:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-04-22 312936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-05-30 2055816]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-12-16 403616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\martinh\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\martinh\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\martinh\AppData\Roaming\Mozilla\Firefox\Profiles\ykzypf94.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.psd-tutorials.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Stage Remote - c:\program files (x86)\Dell\Stage Remote\StageRemote.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\msftesql]
"ImagePath"="\"c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe\" -s:MSSQL.1 -f:MSSQLSERVER"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-05 17:57:37
ComboFix-quarantined-files.txt 2012-09-05 15:57
.
Vor Suchlauf: 14 Verzeichnis(se), 294.896.209.920 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 294.520.205.312 Bytes frei
.
- - End Of File - - 6F9208BAD8634A71394F21B6ABD5996B
|
|
06.09.2012, 12:22
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PopUp rechts unten, Weiterleitung von Links Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2012, 14:14
| #23 |
| | PopUp rechts unten, Weiterleitung von Links Hier zunächst die gmer.log GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-06 14:43:49
Windows 6.1.7601 Service Pack 1
Running: vjigxeoy.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\88532e430566 (not active ControlSet)
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e430566
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\88532e430566@902155abd7e8 0xCE 0x1E 0x59 0xED ...
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\88532e430566 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\88532e430566@902155abd7e8 0xCE 0x1E 0x59 0xED ...
---- EOF - GMER 1.0.15 ----
Nun die osam.log OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:55:10 on 06.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 15.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-922914623-1579024045-3891080990-1001Core.job" - "Google Inc." - C:\Users\martinh\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-922914623-1579024045-3891080990-1001UA.job" - "Google Inc." - C:\Users\martinh\AppData\Local\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Acronis Storage Filter Management" (fltsrv) - "Acronis" - C:\Windows\System32\DRIVERS\fltsrv.sys "afcdp" (afcdp) - "Acronis" - C:\Windows\System32\DRIVERS\afcdp.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "McAfee Inc." (mfeavfk01) - ? - C:\Windows\system32\drivers\mfeavfk01.sys (File not found) "WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {3EF5086B-5478-4598-A054-786C45D75692} "McInternetProtocolRoot Class" - "McAfee, Inc." - c:\progra~2\mcafee\msc\mcsniepl.dll {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu.dll {C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis Secure Zone" - "Acronis" - C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll {C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout64" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100" - "Microsoft Corporation" - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar BHO" - "Microsoft Corporation" - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {27B4851A-3207-45A2-B947-BE8AFE6163AB} "McAfee Phishing Filter" - ? - c:\progra~1\mcafee\msk\mskapbho.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL {7DB2D5A0-7241-4E79-B68D-6309F01C5231} "scriptproxy" - "McAfee, Inc." - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120627151525.dll {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {F4971EE7-DAA0-4053-9964-665D8EE6A077} "SmartSelect Class" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HyperSnap 7.lnk" - "Hyperionics Technology LLC" - C:\Program Files (x86)\HyperSnap 7\HprSnap7.exe (Shortcut exists | File exists) "Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk" - ? - C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk (Shortcut exists | File not found) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "o2 Verbindungsmanager.lnk" - ? - C:\Program Files (x86)\o2 Surfstick Speed\GlobeTrotter Connect\o2 Verbindungsmanager.exe (Shortcut exists | File not found) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "AccuWeatherWidget" - ? - "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup "Acrobat Assistant 8.0" - "Adobe Systems Inc." - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "Adobe Acrobat Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "AdobeCS5.5ServiceManager" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Dell DataSafe Online" - "Dell, Inc." - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe "Dell Webcam Central" - "Creative Technology Ltd" - "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 "Desktop Disc Tool" - ? - "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" "EEventManager" - "SEIKO EPSON CORPORATION" - "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "FUFAXRCV" - "SEIKO EPSON CORPORATION" - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" "FUFAXSTM" - "SEIKO EPSON CORPORATION" - "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "mcui_exe" - "McAfee, Inc." - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey "Microsoft Default Manager" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume "NeroLauncher" - ? - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 (File found, but it contains no detailed information) "RoxWatchTray" - "Sonic Solutions" - "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" "SwitchBoard" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe "TrueImageMonitor.exe" - "Acronis" - "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "UIExec" - ? - "C:\Program Files (x86)\Join Air\UIExec.exe" (File found, but it contains no detailed information) [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Adobe PDF Port Monitor" - "Adobe Systems Inc" - C:\Windows\system32\AdobePDF.dll "EpsonNet Print Port" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\enppmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200" (NAUpdate) - "Nero AG" - C:\Program Files (x86)\Nero\Update\NASvc.exe "ABBYY FineReader 9.0 Sprint Licensing Service" (ABBYY.Licensing.FineReader.Sprint.9.0) - "ABBYY" - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe "Acronis Nonstop Backup-Dienst" (afcdpsrv) - "Acronis" - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe "Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe "Acronis Sync Agent Service" (syncagentsrv) - "Acronis" - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe "Bluetooth Device Monitor" (Bluetooth Device Monitor) - "Intel Corporation" - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe "Bluetooth Media Service" (Bluetooth Media Service) - "Intel Corporation" - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe "Bluetooth OBEX Service" (Bluetooth OBEX Service) - "Intel Corporation" - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe "Dell DataSafe Online" (NOBU) - "Dell, Inc." - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "EpsonBidirectionalService" (EpsonBidirectionalService) - "SEIKO EPSON CORPORATION" - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe "Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GtDetectSc" (GtDetectSc) - "OptionNV" - C:\Program Files\o2 Surfstick Speed\GlobeTrotter Connect\GtDetectSc.exe "Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service" (BTHSSecurityMgr) - "Intel(R) Corporation" - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe "Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe "Intel(R) Turbo Boost Technology Monitor 2.0" (TurboBoost) - "Intel(R) Corporation" - C:\Program Files\Intel\TurboBoost\TurboBoost.exe "Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service" (AMPPALR3) - "Intel Corporation" - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe "Internet Pass-Through Service" (PassThru Service) - ? - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Activation Service" (McAWFwk) - "McAfee, Inc." - c:\PROGRA~1\mcafee\msc\mcawfwk.exe "McAfee Anti-Spam Service" (MSK80Service) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe "McAfee Firewall Core Service" (mfefire) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe "McAfee McShield" (McShield) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe "McAfee Network Agent" (McNASvc) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe "McAfee Personal Firewall Service" (McMPFSvc) - "McAfee, Inc." - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe "McAfee Proxy Service" (McProxy) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe "McAfee Scanner" (McODS) - "McAfee, Inc." - C:\Program Files\mcafee\VirusScan\mcods.exe "McAfee Services" (mcmscsvc) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe "McAfee Validation Trust Protection Service" (mfevtp) - "McAfee, Inc." - C:\Windows\system32\mfevtps.exe "McAfee VirusScan Announcer" (McNaiAnn) - "McAfee, Inc." - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "NVIDIA Driver Helper Service" (NVSvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "Roxio Hard Drive Watcher 12" (RoxWatch12) - "Sonic Solutions" - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe "RoxMediaDB12OEM" (RoxMediaDB12OEM) - "Sonic Solutions" - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe "SoftThinks Agent Service" (SftService) - "SoftThinks SAS" - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE "SQL Server (MSSQLSERVER)" (MSSQLSERVER) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe "SQL Server (SQLEXPRESS)" (MSSQL$SQLEXPRESS) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe "SQL Server Analysis Services (MSSQLSERVER)" (MSSQLServerOLAPService) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe "SQL Server Integration Services" (MsDtsServer) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe "SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe "SQL Server-Agent (MSSQLSERVER)" (SQLSERVERAGENT) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE "SQL Server-Volltextsuche (MSSQLSERVER)" (msftesql) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe "stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe "SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe "UI Assistant Service" (UI Assistant Service) - ? - C:\Program Files (x86)\Join Air\AssistantServices.exe (File found, but it contains no detailed information) "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE "Wireless PAN DHCP Server" (MyWiFiDHCPDNS) - ? - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/CODE] und jetzt die aswMBR.txt (gescanned mit AV scan = none, da Abbruch) Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-06 15:07:28
-----------------------------
15:07:28.684 OS Version: Windows x64 6.1.7601 Service Pack 1
15:07:28.684 Number of processors: 8 586 0x2A07
15:07:28.684 ComputerName: MARTINH-NB UserName: martinh
15:07:29.807 Initialize success
15:07:35.298 AVAST engine defs: 12090600
15:07:44.019 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:07:44.035 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
15:07:44.050 Disk 0 MBR read successfully
15:07:44.050 Disk 0 MBR scan
15:07:44.050 Disk 0 Windows VISTA default MBR code
15:07:44.050 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
15:07:44.066 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 20000 MB offset 212992
15:07:44.066 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 358142 MB offset 41172992
15:07:44.066 Disk 0 Partition - 00 0F Extended LBA 337156 MB offset 774649856
15:07:44.097 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 300000 MB offset 774651904
15:07:44.113 Disk 0 scanning C:\Windows\system32\drivers
15:07:54.346 Service scanning
15:08:19.213 Modules scanning
15:08:19.228 Disk 0 trace - called modules:
15:08:19.259 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys vsflt61.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
15:08:19.275 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009711060]
15:08:19.275 3 CLASSPNP.SYS[fffff88001c7443f] -> nt!IofCallDriver -> [0xfffffa8009558a60]
15:08:19.291 5 vsflt61.sys[fffff88000f930fd] -> nt!IofCallDriver -> [0xfffffa8009557af0]
15:08:19.291 7 stdcfltn.sys[fffff88001df4c52] -> nt!IofCallDriver -> [0xfffffa8007b43630]
15:08:19.291 9 ACPI.sys[fffff88000ee27a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b4a050]
15:08:19.306 Scan finished successfully
15:09:26.776 Disk 0 MBR has been saved successfully to "C:\Users\martinh\Desktop\MBR.dat"
15:09:26.776 The log file has been saved successfully to "C:\Users\martinh\Desktop\aswMBR.txt"
|
|
06.09.2012, 15:38
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PopUp rechts unten, Weiterleitung von Links Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.09.2012, 14:14
| #25 |
| | PopUp rechts unten, Weiterleitung von Links Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.09.07.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 martinh :: MARTINH-NB [Administrator] Schutz: Aktiviert 07.09.2012 07:28:52 mbam-log-2012-09-07 (07-28-52).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 761066 Laufzeit: 3 Stunde(n), 2 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/07/2012 at 01:40 PM
Application Version : 5.5.1012
Core Rules Database Version : 9188
Trace Rules Database Version: 7000
Scan type : Complete Scan
Total Scan Time : 02:22:13
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 844
Memory threats detected : 0
Registry items scanned : 74248
Registry threats detected : 0
File items scanned : 413210
File threats detected : 362
Adware.Tracking Cookie
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\G5C5AZVM.txt [ /audiag.112.2o7.net ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\LIT8EHNM.txt [ /2o7.net ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\HR3DOORJ.txt [ /atdmt.com ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\1E10ULJ7.txt [ /imrworldwide.com ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\QVQPMPRP.txt [ /statse.webtrendslive.com ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\AKFLIZ1E.txt [ /perf.overture.com ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\4PUTEOA9.txt [ /doubleclick.net ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\DTWOHUYI.txt [ /ad.yieldmanager.com ]
C:\Users\martinh\AppData\Roaming\Microsoft\Windows\Cookies\BZI3U2JH.txt [ /c.atdmt.com ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9FJX588A.txt [ Cookie:martinh@yieldmanager.net/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MLPM9VLD.txt [ Cookie:martinh@mediaplex.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\97PQ695G.txt [ Cookie:martinh@2o7.net/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\YXIF0370.txt [ Cookie:martinh@atdmt.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\martinh@imrworldwide[2].txt [ Cookie:martinh@imrworldwide.com/cgi-bin ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\martinh@questionmarket[1].txt [ Cookie:martinh@questionmarket.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\N7CG0N8Y.txt [ Cookie:martinh@apmebf.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\RF2LLT5E.txt [ Cookie:martinh@adfarm1.adition.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QWWYWOOD.txt [ Cookie:martinh@invitemedia.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\L1APL3K3.txt [ Cookie:martinh@www.googleadservices.com/pagead/conversion/1052825818/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\4THCJX91.txt [ Cookie:martinh@media6degrees.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FK3POQLX.txt [ Cookie:martinh@ad2.adfarm1.adition.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\WMRRHY5M.txt [ Cookie:martinh@xiti.com/ ]
C:\USERS\MARTINH\AppData\Roaming\Microsoft\Windows\Cookies\Low\6K07NUBI.txt [ Cookie:martinh@c.atdmt.com/ ]
C:\USERS\MARTINH\Cookies\G5C5AZVM.txt [ Cookie:martinh@audiag.112.2o7.net/ ]
C:\USERS\MARTINH\Cookies\LIT8EHNM.txt [ Cookie:martinh@2o7.net/ ]
C:\USERS\MARTINH\Cookies\HR3DOORJ.txt [ Cookie:martinh@atdmt.com/ ]
C:\USERS\MARTINH\Cookies\1E10ULJ7.txt [ Cookie:martinh@imrworldwide.com/cgi-bin ]
C:\USERS\MARTINH\Cookies\BZI3U2JH.txt [ Cookie:martinh@c.atdmt.com/ ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.adform.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.adform.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adviva.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.olympiaverlag.122.2o7.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.mindshare.de [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\MARTINH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\MARTINH@ADS.UNDERTONE[1].TXT [ /ADS.UNDERTONE ]
.xiti.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.qnsr.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
o1.qnsr.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.qsstats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.qsstats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.stepstone.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
media.stage-entertainment.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.olympiaverlag.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tracking.3gnet.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
adserver.kleinwalsertal.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
adserver.doccheck.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www7.addfreestats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
webcount.feratel.at [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.findicons.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.vodafonegroup.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
rotator.adjuggler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
rotator.adjuggler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.sonyeurope.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.daimlerag.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.wlw.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.foxfilmedentertainment.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
auslieferung.commindo-media-ressourcen.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
auslieferung.commindo-media-ressourcen.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
auslieferung.commindo-media-ressourcen.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www3.addfreestats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
s08.flagcounter.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
findicons.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
eas8.emediate.eu [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
adx2.chip.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
banner.slashcam.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
banner.slashcam.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.commission-junction.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.commission-junction.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.commission-junction.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.commission-junction.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
stat.onestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
stat.onestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.navtracks.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.premiumtv.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.porsche.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.opodo.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.htc.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.oracle.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.carlson.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.madxperts.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.madxperts.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.madxperts.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.madxperts.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.madxperts.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.audiag.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tracking.3gnet.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
bridge2.admarketplace.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.admarketplace.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
servestats.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.navtracks.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.navtracks.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.navtracks.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
clicks.coolsearchnow.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
us.2.cqcounter.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
track.zalando.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.efeducation.112.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
server.lon.liveperson.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.stats4free.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.stats4free.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.stats4free.de [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\MARTINH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YKZYPF94.DEFAULT\COOKIES.SQLITE ]
|
|
10.09.2012, 11:57
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PopUp rechts unten, Weiterleitung von Links Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.09.2012, 12:36
| #27 |
| | PopUp rechts unten, Weiterleitung von Links Mein System läuft nun stabil und ohne diese nervigen PopUps und Weiterleitungen. Allerbesten Dank für deine Hilfe. Ohne diese Hilfe wäre wohl "plattmachen" angesagt gewesen. Das mit den MVPS Hosts File interessiert mich. Das schaue ich mir mal genauer an. Ansonsten gewöhne ich mir vielleicht auch deine Vorgehensweise an (Opera zum wilden Surfen, FF für das bewusste...). Auf jeden Fall nochmals recht herzlichen Dank. Werde mich gleich zur Kaffeekasse begeben. |
|
10.09.2012, 16:29
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PopUp rechts unten, Weiterleitung von Links Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu PopUp rechts unten, Weiterleitung von Links |
| adobe, autorun, bho, bonjour, browser, converter, defender, document, explorer, firefox, flash player, format, google earth, helper, log-datei, logfile, mozilla, mp3, nvpciflt.sys, phishing, plug-in, popup, popup weiterleitung, problem, realtek, registry, scan, software, sweetim, updates, usb, windows, wscript.exe |
Linear-Darstellung
