| |
| |||||||
Log-Analyse und Auswertung: Antivir blockt mor.exeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.09.2012, 20:34
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Antivir blockt mor.exe Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
09.09.2012, 22:43
| #17 |
 | Antivir blockt mor.exe hier das Kaspersky Log:
__________________Code:
ATTFilter 23:38:25.0558 3268 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
23:38:25.0946 3268 ============================================================
23:38:25.0946 3268 Current date / time: 2012/09/09 23:38:25.0946
23:38:25.0946 3268 SystemInfo:
23:38:25.0946 3268
23:38:25.0947 3268 OS Version: 6.1.7601 ServicePack: 1.0
23:38:25.0947 3268 Product type: Workstation
23:38:25.0948 3268 ComputerName: CHARMIANATHOME
23:38:25.0948 3268 UserName: ***
23:38:25.0948 3268 Windows directory: C:\Windows
23:38:25.0948 3268 System windows directory: C:\Windows
23:38:25.0948 3268 Processor architecture: Intel x86
23:38:25.0948 3268 Number of processors: 4
23:38:25.0949 3268 Page size: 0x1000
23:38:25.0949 3268 Boot type: Normal boot
23:38:25.0949 3268 ============================================================
23:38:27.0284 3268 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:38:27.0298 3268 ============================================================
23:38:27.0298 3268 \Device\Harddisk0\DR0:
23:38:27.0298 3268 MBR partitions:
23:38:27.0298 3268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:38:27.0298 3268 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAEA54800
23:38:27.0298 3268 ============================================================
23:38:27.0459 3268 C: <-> \Device\Harddisk0\DR0\Partition2
23:38:27.0464 3268 ============================================================
23:38:27.0464 3268 Initialize success
23:38:27.0464 3268 ============================================================
23:40:15.0907 1980 ============================================================
23:40:15.0907 1980 Scan started
23:40:15.0907 1980 Mode: Manual; SigCheck; TDLFS;
23:40:15.0907 1980 ============================================================
23:40:19.0444 1980 ================ Scan system memory ========================
23:40:19.0444 1980 System memory - ok
23:40:19.0444 1980 ================ Scan services =============================
23:40:19.0589 1980 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:40:19.0844 1980 1394ohci - ok
23:40:19.0889 1980 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:40:19.0924 1980 ACPI - ok
23:40:19.0964 1980 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:40:20.0054 1980 AcpiPmi - ok
23:40:20.0159 1980 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:40:20.0189 1980 AdobeARMservice - ok
23:40:20.0254 1980 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:40:20.0284 1980 AdobeFlashPlayerUpdateSvc - ok
23:40:20.0324 1980 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:40:20.0359 1980 adp94xx - ok
23:40:20.0379 1980 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:40:20.0399 1980 adpahci - ok
23:40:20.0419 1980 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:40:20.0434 1980 adpu320 - ok
23:40:20.0464 1980 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:40:20.0569 1980 AeLookupSvc - ok
23:40:20.0629 1980 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
23:40:20.0724 1980 AFD - ok
23:40:20.0754 1980 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
23:40:20.0769 1980 agp440 - ok
23:40:20.0789 1980 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
23:40:20.0809 1980 aic78xx - ok
23:40:20.0894 1980 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
23:40:20.0959 1980 ALG - ok
23:40:20.0979 1980 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
23:40:20.0994 1980 aliide - ok
23:40:21.0024 1980 [ 446A5644046B7C59C07221742C821A16 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:40:21.0119 1980 AMD External Events Utility - ok
23:40:21.0134 1980 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:40:21.0149 1980 amdagp - ok
23:40:21.0179 1980 [ 211FCE336502911EC03FC15A91344C98 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
23:40:21.0219 1980 amdide - ok
23:40:21.0239 1980 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:40:21.0269 1980 AmdK8 - ok
23:40:21.0504 1980 [ 8B37D7DBF153CF029141C8D82B3F53BA ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
23:40:21.0579 1980 amdkmdag - ok
23:40:21.0609 1980 [ 2A20C0B5CFE4CFF706856A7B1BF14D72 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:40:21.0634 1980 amdkmdap - ok
23:40:21.0664 1980 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:40:21.0689 1980 AmdPPM - ok
23:40:21.0709 1980 [ 6F64C768A9A48FAB7C6D6CEE1B30F97F ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
23:40:21.0714 1980 amdsata - ok
23:40:21.0719 1980 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:40:21.0729 1980 amdsbs - ok
23:40:21.0754 1980 [ E27866684780606BCCE640A57937D88A ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
23:40:21.0759 1980 amdxata - ok
23:40:21.0859 1980 [ 6ACC11E9D2F01C88251123D26C1C5489 ] AntiVirFirewallService C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
23:40:21.0889 1980 AntiVirFirewallService - ok
23:40:21.0939 1980 [ B7FA28AEFA586FB5A04876C7B31D03E6 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
23:40:21.0954 1980 AntiVirMailService - ok
23:40:22.0009 1980 [ 2E35310D600F4CC64624786A813A041E ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:40:22.0034 1980 AntiVirSchedulerService - ok
23:40:22.0094 1980 [ 984102B9E2F6513008ED4E0C5AC4151D ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:40:22.0124 1980 AntiVirService - ok
23:40:22.0179 1980 [ 9BC7247FD7379307BCFF92CF8EB64B87 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:40:22.0214 1980 AntiVirWebService - ok
23:40:22.0239 1980 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
23:40:22.0354 1980 AppID - ok
23:40:22.0389 1980 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:40:22.0449 1980 AppIDSvc - ok
23:40:22.0479 1980 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
23:40:22.0519 1980 Appinfo - ok
23:40:22.0574 1980 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:40:22.0594 1980 Apple Mobile Device - ok
23:40:22.0609 1980 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:40:22.0624 1980 arc - ok
23:40:22.0629 1980 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:40:22.0639 1980 arcsas - ok
23:40:22.0654 1980 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:40:22.0749 1980 AsyncMac - ok
23:40:22.0789 1980 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
23:40:22.0804 1980 atapi - ok
23:40:22.0849 1980 [ 430449D04B05348879244C9090D405B4 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
23:40:22.0894 1980 AtiHdmiService - ok
23:40:22.0929 1980 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
23:40:22.0949 1980 AtiPcie - ok
23:40:22.0984 1980 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:40:23.0049 1980 AudioEndpointBuilder - ok
23:40:23.0059 1980 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:40:23.0084 1980 Audiosrv - ok
23:40:23.0125 1980 [ E6263CDD0EF3B98CFA2A251A21D8BE2E ] avfwim C:\Windows\system32\DRIVERS\avfwim.sys
23:40:23.0130 1980 avfwim - ok
23:40:23.0180 1980 [ 48929A52C039738C3193581F7FC483A5 ] avfwot C:\Windows\system32\DRIVERS\avfwot.sys
23:40:23.0215 1980 avfwot - ok
23:40:23.0260 1980 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:40:23.0285 1980 avgntflt - ok
23:40:23.0325 1980 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:40:23.0345 1980 avipbb - ok
23:40:23.0360 1980 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:40:23.0375 1980 avkmgr - ok
23:40:23.0425 1980 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:40:23.0500 1980 AxInstSV - ok
23:40:23.0510 1980 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
23:40:23.0590 1980 b06bdrv - ok
23:40:23.0620 1980 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
23:40:23.0650 1980 b57nd60x - ok
23:40:23.0700 1980 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
23:40:23.0810 1980 BDESVC - ok
23:40:23.0835 1980 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
23:40:23.0875 1980 Beep - ok
23:40:23.0925 1980 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
23:40:23.0970 1980 BFE - ok
23:40:24.0005 1980 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
23:40:24.0040 1980 BITS - ok
23:40:24.0050 1980 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:40:24.0075 1980 blbdrive - ok
23:40:24.0150 1980 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:40:24.0185 1980 Bonjour Service - ok
23:40:24.0210 1980 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:40:24.0270 1980 bowser - ok
23:40:24.0285 1980 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:40:24.0360 1980 BrFiltLo - ok
23:40:24.0380 1980 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:40:24.0440 1980 BrFiltUp - ok
23:40:24.0475 1980 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
23:40:24.0550 1980 Browser - ok
23:40:24.0565 1980 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:40:24.0635 1980 Brserid - ok
23:40:24.0655 1980 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:40:24.0675 1980 BrSerWdm - ok
23:40:24.0685 1980 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:40:24.0710 1980 BrUsbMdm - ok
23:40:24.0715 1980 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:40:24.0725 1980 BrUsbSer - ok
23:40:24.0775 1980 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:40:24.0840 1980 BthEnum - ok
23:40:24.0845 1980 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:40:24.0870 1980 BTHMODEM - ok
23:40:24.0905 1980 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:40:24.0935 1980 BthPan - ok
23:40:24.0970 1980 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:40:25.0015 1980 BTHPORT - ok
23:40:25.0030 1980 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
23:40:25.0055 1980 bthserv - ok
23:40:25.0080 1980 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:40:25.0105 1980 BTHUSB - ok
23:40:25.0120 1980 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:40:25.0165 1980 cdfs - ok
23:40:25.0205 1980 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:40:25.0250 1980 cdrom - ok
23:40:25.0290 1980 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
23:40:25.0360 1980 CertPropSvc - ok
23:40:25.0375 1980 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:40:25.0395 1980 circlass - ok
23:40:25.0415 1980 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
23:40:25.0430 1980 CLFS - ok
23:40:25.0475 1980 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:40:25.0500 1980 clr_optimization_v2.0.50727_32 - ok
23:40:25.0555 1980 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:40:25.0586 1980 clr_optimization_v4.0.30319_32 - ok
23:40:25.0602 1980 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:40:25.0643 1980 CmBatt - ok
23:40:25.0663 1980 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:40:25.0673 1980 cmdide - ok
23:40:25.0713 1980 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
23:40:25.0763 1980 CNG - ok
23:40:25.0778 1980 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:40:25.0788 1980 Compbatt - ok
23:40:25.0818 1980 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:40:25.0838 1980 CompositeBus - ok
23:40:25.0843 1980 COMSysApp - ok
23:40:25.0933 1980 cpuz132 - ok
23:40:25.0938 1980 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:40:25.0963 1980 crcdisk - ok
23:40:26.0003 1980 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:40:26.0063 1980 CryptSvc - ok
23:40:26.0148 1980 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
23:40:26.0198 1980 DcomLaunch - ok
23:40:26.0223 1980 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
23:40:26.0253 1980 defragsvc - ok
23:40:26.0263 1980 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:40:26.0323 1980 DfsC - ok
23:40:26.0353 1980 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:40:26.0388 1980 Dhcp - ok
23:40:26.0403 1980 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
23:40:26.0428 1980 discache - ok
23:40:26.0433 1980 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:40:26.0443 1980 Disk - ok
23:40:26.0478 1980 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:40:26.0493 1980 Dnscache - ok
23:40:26.0513 1980 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
23:40:26.0533 1980 dot3svc - ok
23:40:26.0548 1980 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
23:40:26.0593 1980 DPS - ok
23:40:26.0623 1980 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:40:26.0638 1980 drmkaud - ok
23:40:26.0673 1980 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:40:26.0713 1980 DXGKrnl - ok
23:40:26.0758 1980 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
23:40:26.0813 1980 EapHost - ok
23:40:26.0893 1980 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
23:40:27.0013 1980 ebdrv - ok
23:40:27.0033 1980 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
23:40:27.0098 1980 EFS - ok
23:40:27.0153 1980 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:40:27.0233 1980 ehRecvr - ok
23:40:27.0253 1980 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
23:40:27.0308 1980 ehSched - ok
23:40:27.0328 1980 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:40:27.0353 1980 elxstor - ok
23:40:27.0378 1980 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:40:27.0418 1980 ErrDev - ok
23:40:27.0448 1980 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
23:40:27.0483 1980 EventSystem - ok
23:40:27.0503 1980 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
23:40:27.0558 1980 exfat - ok
23:40:27.0573 1980 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:40:27.0603 1980 fastfat - ok
23:40:27.0623 1980 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
23:40:27.0654 1980 Fax - ok
23:40:27.0654 1980 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:40:27.0669 1980 fdc - ok
23:40:27.0684 1980 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
23:40:27.0719 1980 fdPHost - ok
23:40:27.0739 1980 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
23:40:27.0764 1980 FDResPub - ok
23:40:27.0779 1980 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:40:27.0789 1980 FileInfo - ok
23:40:27.0794 1980 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:40:27.0814 1980 Filetrace - ok
23:40:27.0854 1980 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:40:27.0899 1980 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:40:27.0899 1980 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:40:27.0904 1980 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:40:27.0919 1980 flpydisk - ok
23:40:27.0939 1980 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:40:27.0959 1980 FltMgr - ok
23:40:28.0014 1980 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
23:40:28.0115 1980 FontCache - ok
23:40:28.0165 1980 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:40:28.0190 1980 FontCache3.0.0.0 - ok
23:40:28.0195 1980 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:40:28.0210 1980 FsDepends - ok
23:40:28.0245 1980 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:40:28.0260 1980 Fs_Rec - ok
23:40:28.0295 1980 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:40:28.0330 1980 fvevol - ok
23:40:28.0335 1980 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:40:28.0345 1980 gagp30kx - ok
23:40:28.0380 1980 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:40:28.0400 1980 GEARAspiWDM - ok
23:40:28.0455 1980 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
23:40:28.0505 1980 gpsvc - ok
23:40:28.0570 1980 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:40:28.0595 1980 gupdate - ok
23:40:28.0605 1980 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:40:28.0620 1980 gupdatem - ok
23:40:28.0625 1980 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:40:28.0675 1980 hcw85cir - ok
23:40:28.0740 1980 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:40:28.0800 1980 HdAudAddService - ok
23:40:28.0825 1980 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:40:28.0855 1980 HDAudBus - ok
23:40:28.0870 1980 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:40:28.0900 1980 HidBatt - ok
23:40:28.0905 1980 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:40:28.0930 1980 HidBth - ok
23:40:28.0945 1980 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:40:28.0960 1980 HidIr - ok
23:40:28.0975 1980 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
23:40:29.0000 1980 hidserv - ok
23:40:29.0010 1980 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:40:29.0020 1980 HidUsb - ok
23:40:29.0050 1980 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:40:29.0080 1980 hkmsvc - ok
23:40:29.0120 1980 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:40:29.0155 1980 HomeGroupListener - ok
23:40:29.0180 1980 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:40:29.0200 1980 HomeGroupProvider - ok
23:40:29.0220 1980 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:40:29.0240 1980 HpSAMD - ok
23:40:29.0280 1980 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:40:29.0330 1980 HTTP - ok
23:40:29.0350 1980 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:40:29.0360 1980 hwpolicy - ok
23:40:29.0385 1980 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:40:29.0395 1980 i8042prt - ok
23:40:29.0415 1980 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:40:29.0430 1980 iaStorV - ok
23:40:29.0505 1980 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:40:29.0525 1980 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:40:29.0525 1980 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:40:29.0595 1980 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:40:29.0650 1980 idsvc - ok
23:40:29.0670 1980 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:40:29.0675 1980 iirsp - ok
23:40:29.0695 1980 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
23:40:29.0725 1980 IKEEXT - ok
23:40:29.0830 1980 [ 97FA95E4F486F37D60AD3744D86F3D7E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:40:29.0930 1980 IntcAzAudAddService - ok
23:40:29.0940 1980 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
23:40:29.0950 1980 intelide - ok
23:40:29.0970 1980 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:40:29.0995 1980 intelppm - ok
23:40:30.0010 1980 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:40:30.0040 1980 IPBusEnum - ok
23:40:30.0055 1980 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:40:30.0090 1980 IpFilterDriver - ok
23:40:30.0105 1980 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:40:30.0130 1980 iphlpsvc - ok
23:40:30.0145 1980 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:40:30.0170 1980 IPMIDRV - ok
23:40:30.0190 1980 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:40:30.0250 1980 IPNAT - ok
23:40:30.0320 1980 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:40:30.0355 1980 iPod Service - ok
23:40:30.0375 1980 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:40:30.0435 1980 IRENUM - ok
23:40:30.0455 1980 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:40:30.0485 1980 isapnp - ok
23:40:30.0500 1980 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:40:30.0520 1980 iScsiPrt - ok
23:40:30.0540 1980 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:40:30.0555 1980 kbdclass - ok
23:40:30.0580 1980 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:40:30.0630 1980 kbdhid - ok
23:40:30.0640 1980 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
23:40:30.0665 1980 KeyIso - ok
23:40:30.0695 1980 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:40:30.0710 1980 KSecDD - ok
23:40:30.0725 1980 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:40:30.0745 1980 KSecPkg - ok
23:40:30.0770 1980 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
23:40:30.0800 1980 KtmRm - ok
23:40:30.0840 1980 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
23:40:30.0890 1980 LanmanServer - ok
23:40:30.0900 1980 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:40:30.0935 1980 LanmanWorkstation - ok
23:40:30.0950 1980 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:40:30.0970 1980 lltdio - ok
23:40:31.0000 1980 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:40:31.0040 1980 lltdsvc - ok
23:40:31.0060 1980 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
23:40:31.0080 1980 lmhosts - ok
23:40:31.0095 1980 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:40:31.0105 1980 LSI_FC - ok
23:40:31.0120 1980 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:40:31.0130 1980 LSI_SAS - ok
23:40:31.0150 1980 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:40:31.0160 1980 LSI_SAS2 - ok
23:40:31.0165 1980 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:40:31.0175 1980 LSI_SCSI - ok
23:40:31.0180 1980 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
23:40:31.0200 1980 luafv - ok
23:40:31.0225 1980 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:40:31.0235 1980 Mcx2Svc - ok
23:40:31.0250 1980 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:40:31.0260 1980 megasas - ok
23:40:31.0280 1980 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:40:31.0295 1980 MegaSR - ok
23:40:31.0305 1980 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
23:40:31.0355 1980 MMCSS - ok
23:40:31.0400 1980 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
23:40:31.0480 1980 Modem - ok
23:40:31.0490 1980 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:40:31.0515 1980 monitor - ok
23:40:31.0545 1980 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
23:40:31.0560 1980 mouclass - ok
23:40:31.0570 1980 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:40:31.0590 1980 mouhid - ok
23:40:31.0625 1980 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:40:31.0655 1980 mountmgr - ok
23:40:31.0735 1980 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:40:31.0755 1980 MozillaMaintenance - ok
23:40:31.0775 1980 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
23:40:31.0790 1980 mpio - ok
23:40:31.0795 1980 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:40:31.0825 1980 mpsdrv - ok
23:40:31.0860 1980 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:40:31.0920 1980 MpsSvc - ok
23:40:31.0930 1980 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:40:31.0945 1980 MRxDAV - ok
23:40:31.0975 1980 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:40:32.0050 1980 mrxsmb - ok
23:40:32.0090 1980 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:40:32.0126 1980 mrxsmb10 - ok
23:40:32.0146 1980 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:40:32.0181 1980 mrxsmb20 - ok
23:40:32.0191 1980 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
23:40:32.0226 1980 msahci - ok
23:40:32.0246 1980 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:40:32.0261 1980 msdsm - ok
23:40:32.0281 1980 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:40:32.0316 1980 MSDTC - ok
23:40:32.0351 1980 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:40:32.0376 1980 Msfs - ok
23:40:32.0391 1980 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:40:32.0411 1980 mshidkmdf - ok
23:40:32.0416 1980 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:40:32.0426 1980 msisadrv - ok
23:40:32.0441 1980 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:40:32.0476 1980 MSiSCSI - ok
23:40:32.0476 1980 msiserver - ok
23:40:32.0501 1980 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:40:32.0531 1980 MSKSSRV - ok
23:40:32.0566 1980 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:40:32.0591 1980 MSPCLOCK - ok
23:40:32.0596 1980 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:40:32.0611 1980 MSPQM - ok
23:40:32.0631 1980 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:40:32.0641 1980 MsRPC - ok
23:40:32.0661 1980 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:40:32.0666 1980 mssmbios - ok
23:40:32.0681 1980 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:40:32.0701 1980 MSTEE - ok
23:40:32.0721 1980 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:40:32.0726 1980 MTConfig - ok
23:40:32.0741 1980 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:40:32.0746 1980 Mup - ok
23:40:32.0761 1980 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
23:40:32.0786 1980 napagent - ok
23:40:32.0811 1980 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:40:32.0826 1980 NativeWifiP - ok
23:40:32.0876 1980 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:40:32.0921 1980 NDIS - ok
23:40:32.0936 1980 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:40:32.0961 1980 NdisCap - ok
23:40:32.0976 1980 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:40:32.0991 1980 NdisTapi - ok
23:40:33.0031 1980 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:40:33.0071 1980 Ndisuio - ok
23:40:33.0106 1980 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:40:33.0136 1980 NdisWan - ok
23:40:33.0166 1980 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:40:33.0186 1980 NDProxy - ok
23:40:33.0196 1980 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:40:33.0216 1980 NetBIOS - ok
23:40:33.0241 1980 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:40:33.0276 1980 NetBT - ok
23:40:33.0281 1980 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
23:40:33.0291 1980 Netlogon - ok
23:40:33.0411 1980 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:40:33.0491 1980 Netman - ok
23:40:33.0511 1980 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:40:33.0536 1980 netprofm - ok
23:40:33.0566 1980 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:40:33.0571 1980 NetTcpPortSharing - ok
23:40:33.0586 1980 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:40:33.0596 1980 nfrd960 - ok
23:40:33.0616 1980 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:40:33.0641 1980 NlaSvc - ok
23:40:33.0656 1980 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:40:33.0676 1980 Npfs - ok
23:40:33.0701 1980 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:40:33.0726 1980 nsi - ok
23:40:33.0736 1980 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:40:33.0751 1980 nsiproxy - ok
23:40:33.0811 1980 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:40:33.0886 1980 Ntfs - ok
23:40:33.0896 1980 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:40:33.0916 1980 Null - ok
23:40:33.0951 1980 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:40:33.0961 1980 nvraid - ok
23:40:33.0976 1980 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:40:33.0986 1980 nvstor - ok
23:40:34.0001 1980 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:40:34.0011 1980 nv_agp - ok
23:40:34.0096 1980 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:40:34.0126 1980 odserv - ok
23:40:34.0156 1980 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:40:34.0176 1980 ohci1394 - ok
23:40:34.0191 1980 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:40:34.0206 1980 ose - ok
23:40:34.0221 1980 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:40:34.0311 1980 p2pimsvc - ok
23:40:34.0331 1980 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:40:34.0366 1980 p2psvc - ok
23:40:34.0411 1980 [ 803CF09C795290825607505D37819135 ] PalmUSBD C:\Windows\system32\drivers\PalmUSBD.sys
23:40:34.0456 1980 PalmUSBD - ok
23:40:34.0471 1980 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:40:34.0486 1980 Parport - ok
23:40:34.0511 1980 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:40:34.0526 1980 partmgr - ok
23:40:34.0551 1980 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
23:40:34.0566 1980 Parvdm - ok
23:40:34.0581 1980 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:40:34.0606 1980 PcaSvc - ok
23:40:34.0621 1980 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:40:34.0641 1980 pci - ok
23:40:34.0681 1980 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:40:34.0696 1980 pciide - ok
23:40:34.0721 1980 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:40:34.0741 1980 pcmcia - ok
23:40:34.0751 1980 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:40:34.0761 1980 pcw - ok
23:40:34.0781 1980 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:40:34.0806 1980 PEAUTH - ok
23:40:34.0886 1980 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:40:34.0961 1980 pla - ok
23:40:35.0006 1980 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:40:35.0066 1980 PlugPlay - ok
23:40:35.0076 1980 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:40:35.0091 1980 PNRPAutoReg - ok
23:40:35.0101 1980 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:40:35.0111 1980 PNRPsvc - ok
23:40:35.0131 1980 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:40:35.0161 1980 PolicyAgent - ok
23:40:35.0196 1980 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:40:35.0226 1980 Power - ok
23:40:35.0256 1980 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:40:35.0321 1980 PptpMiniport - ok
23:40:35.0336 1980 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:40:35.0356 1980 Processor - ok
23:40:35.0401 1980 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
23:40:35.0471 1980 ProfSvc - ok
23:40:35.0476 1980 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:40:35.0501 1980 ProtectedStorage - ok
23:40:35.0526 1980 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:40:35.0556 1980 Psched - ok
23:40:35.0596 1980 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:40:35.0626 1980 ql2300 - ok
23:40:35.0631 1980 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:40:35.0641 1980 ql40xx - ok
23:40:35.0671 1980 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:40:35.0706 1980 QWAVE - ok
23:40:35.0716 1980 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:40:35.0736 1980 QWAVEdrv - ok
23:40:35.0736 1980 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:40:35.0771 1980 RasAcd - ok
23:40:35.0786 1980 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:40:35.0821 1980 RasAgileVpn - ok
23:40:35.0821 1980 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:40:35.0853 1980 RasAuto - ok
23:40:35.0853 1980 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:40:35.0888 1980 Rasl2tp - ok
23:40:35.0933 1980 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:40:35.0963 1980 RasMan - ok
23:40:35.0983 1980 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:40:36.0013 1980 RasPppoe - ok
23:40:36.0023 1980 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:40:36.0053 1980 RasSstp - ok
23:40:36.0068 1980 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:40:36.0098 1980 rdbss - ok
23:40:36.0113 1980 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:40:36.0128 1980 rdpbus - ok
23:40:36.0158 1980 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:40:36.0178 1980 RDPCDD - ok
23:40:36.0193 1980 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:40:36.0213 1980 RDPENCDD - ok
23:40:36.0228 1980 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:40:36.0243 1980 RDPREFMP - ok
23:40:36.0283 1980 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:40:36.0348 1980 RDPWD - ok
23:40:36.0398 1980 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:40:36.0453 1980 rdyboost - ok
23:40:36.0473 1980 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:40:36.0498 1980 RemoteAccess - ok
23:40:36.0518 1980 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:40:36.0538 1980 RemoteRegistry - ok
23:40:36.0578 1980 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:40:36.0618 1980 RFCOMM - ok
23:40:36.0658 1980 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:40:36.0713 1980 RpcEptMapper - ok
23:40:36.0733 1980 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:40:36.0748 1980 RpcLocator - ok
23:40:36.0768 1980 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:40:36.0788 1980 RpcSs - ok
23:40:36.0798 1980 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:40:36.0833 1980 rspndr - ok
23:40:36.0868 1980 [ BCEBD5D1AABCE4EFB7597635E347C44B ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
23:40:36.0938 1980 RTL8167 - ok
23:40:36.0968 1980 [ 51ADEF77E4C929535FD50DA153774E79 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
23:40:37.0003 1980 RTL8192su - ok
23:40:37.0028 1980 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:40:37.0038 1980 SamSs - ok
23:40:37.0068 1980 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:40:37.0078 1980 sbp2port - ok
23:40:37.0098 1980 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:40:37.0123 1980 SCardSvr - ok
23:40:37.0128 1980 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:40:37.0148 1980 scfilter - ok
23:40:37.0188 1980 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:40:37.0223 1980 Schedule - ok
23:40:37.0238 1980 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:40:37.0258 1980 SCPolicySvc - ok
23:40:37.0293 1980 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:40:37.0378 1980 SDRSVC - ok
23:40:37.0393 1980 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:40:37.0418 1980 secdrv - ok
23:40:37.0433 1980 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:40:37.0468 1980 seclogon - ok
23:40:37.0488 1980 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:40:37.0543 1980 SENS - ok
23:40:37.0558 1980 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:40:37.0633 1980 SensrSvc - ok
23:40:37.0653 1980 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:40:37.0683 1980 Serenum - ok
23:40:37.0698 1980 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:40:37.0718 1980 Serial - ok
23:40:37.0728 1980 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:40:37.0743 1980 sermouse - ok
23:40:37.0788 1980 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:40:37.0818 1980 SessionEnv - ok
23:40:37.0848 1980 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:40:37.0893 1980 sffdisk - ok
23:40:37.0923 1980 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:40:37.0968 1980 sffp_mmc - ok
23:40:37.0983 1980 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:40:37.0998 1980 sffp_sd - ok
23:40:38.0018 1980 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:40:38.0038 1980 sfloppy - ok
23:40:38.0058 1980 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:40:38.0083 1980 SharedAccess - ok
23:40:38.0118 1980 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:40:38.0138 1980 ShellHWDetection - ok
23:40:38.0158 1980 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:40:38.0168 1980 sisagp - ok
23:40:38.0183 1980 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:40:38.0193 1980 SiSRaid2 - ok
23:40:38.0203 1980 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:40:38.0213 1980 SiSRaid4 - ok
23:40:38.0253 1980 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:40:38.0283 1980 SkypeUpdate - ok
23:40:38.0303 1980 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:40:38.0328 1980 Smb - ok
23:40:38.0333 1980 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:40:38.0348 1980 SNMPTRAP - ok
23:40:38.0363 1980 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:40:38.0373 1980 spldr - ok
23:40:38.0398 1980 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
23:40:38.0453 1980 Spooler - ok
23:40:38.0553 1980 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:40:38.0638 1980 sppsvc - ok
23:40:38.0668 1980 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:40:38.0743 1980 sppuinotify - ok
23:40:38.0773 1980 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:40:38.0838 1980 srv - ok
23:40:38.0858 1980 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:40:38.0873 1980 srv2 - ok
23:40:38.0888 1980 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:40:38.0908 1980 srvnet - ok
23:40:38.0928 1980 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:40:38.0958 1980 SSDPSRV - ok
23:40:38.0988 1980 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:40:38.0993 1980 ssmdrv - ok
23:40:39.0003 1980 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:40:39.0023 1980 SstpSvc - ok
23:40:39.0038 1980 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:40:39.0048 1980 stexstor - ok
23:40:39.0083 1980 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:40:39.0103 1980 StiSvc - ok
23:40:39.0128 1980 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
23:40:39.0133 1980 swenum - ok
23:40:39.0153 1980 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:40:39.0178 1980 swprv - ok
23:40:39.0223 1980 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:40:39.0273 1980 SysMain - ok
23:40:39.0283 1980 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:40:39.0308 1980 TabletInputService - ok
23:40:39.0343 1980 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:40:39.0363 1980 TapiSrv - ok
23:40:39.0383 1980 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:40:39.0418 1980 TBS - ok
23:40:39.0478 1980 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:40:39.0533 1980 Tcpip - ok
23:40:39.0553 1980 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:40:39.0578 1980 TCPIP6 - ok
23:40:39.0583 1980 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:40:39.0603 1980 tcpipreg - ok
23:40:39.0633 1980 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:40:39.0683 1980 TDPIPE - ok
23:40:39.0708 1980 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:40:39.0753 1980 TDTCP - ok
23:40:39.0783 1980 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:40:39.0828 1980 tdx - ok
23:40:39.0838 1980 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:40:39.0848 1980 TermDD - ok
23:40:39.0883 1980 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:40:39.0908 1980 TermService - ok
23:40:39.0928 1980 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:40:39.0938 1980 Themes - ok
23:40:39.0954 1980 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:40:39.0969 1980 THREADORDER - ok
23:40:40.0005 1980 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:40:40.0025 1980 TrkWks - ok
23:40:40.0080 1980 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:40:40.0150 1980 TrustedInstaller - ok
23:40:40.0170 1980 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:40:40.0210 1980 tssecsrv - ok
23:40:40.0245 1980 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:40:40.0300 1980 TsUsbFlt - ok
23:40:40.0340 1980 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:40:40.0385 1980 tunnel - ok
23:40:40.0405 1980 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:40:40.0410 1980 uagp35 - ok
23:40:40.0435 1980 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:40:40.0455 1980 udfs - ok
23:40:40.0480 1980 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:40:40.0520 1980 UI0Detect - ok
23:40:40.0550 1980 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:40:40.0570 1980 uliagpkx - ok
23:40:40.0590 1980 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
23:40:40.0605 1980 umbus - ok
23:40:40.0625 1980 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:40:40.0640 1980 UmPass - ok
23:40:40.0660 1980 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:40:40.0690 1980 upnphost - ok
23:40:40.0720 1980 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:40:40.0740 1980 USBAAPL - ok
23:40:40.0755 1980 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:40:40.0770 1980 usbccgp - ok
23:40:40.0810 1980 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:40:40.0855 1980 usbcir - ok
23:40:40.0865 1980 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:40:40.0875 1980 usbehci - ok
23:40:40.0895 1980 [ 19999CA8E83F16D271AFC467B84718D7 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
23:40:40.0905 1980 usbfilter - ok
23:40:40.0950 1980 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:40:40.0980 1980 usbhub - ok
23:40:40.0995 1980 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:40:41.0005 1980 usbohci - ok
23:40:41.0015 1980 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:40:41.0025 1980 usbprint - ok
23:40:41.0060 1980 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:40:41.0070 1980 usbscan - ok
23:40:41.0080 1980 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:40:41.0135 1980 USBSTOR - ok
23:40:41.0155 1980 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:40:41.0180 1980 usbuhci - ok
23:40:41.0210 1980 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:40:41.0240 1980 UxSms - ok
23:40:41.0250 1980 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
23:40:41.0260 1980 VaultSvc - ok
23:40:41.0265 1980 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:40:41.0270 1980 vdrvroot - ok
23:40:41.0300 1980 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
23:40:41.0340 1980 vds - ok
23:40:41.0360 1980 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:40:41.0370 1980 vga - ok
23:40:41.0370 1980 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:40:41.0390 1980 VgaSave - ok
23:40:41.0405 1980 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:40:41.0415 1980 vhdmp - ok
23:40:41.0425 1980 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:40:41.0435 1980 viaagp - ok
23:40:41.0445 1980 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
23:40:41.0455 1980 ViaC7 - ok
23:40:41.0470 1980 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
23:40:41.0480 1980 viaide - ok
23:40:41.0485 1980 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:40:41.0495 1980 volmgr - ok
23:40:41.0510 1980 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:40:41.0525 1980 volmgrx - ok
23:40:41.0555 1980 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:40:41.0590 1980 volsnap - ok
23:40:41.0645 1980 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:40:41.0700 1980 vsmraid - ok
23:40:41.0755 1980 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
23:40:41.0820 1980 VSS - ok
23:40:41.0830 1980 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:40:41.0840 1980 vwifibus - ok
23:40:41.0855 1980 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:40:41.0870 1980 vwififlt - ok
23:40:41.0895 1980 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:40:41.0935 1980 vwifimp - ok
23:40:41.0960 1980 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
23:40:41.0990 1980 W32Time - ok
23:40:42.0010 1980 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:40:42.0030 1980 WacomPen - ok
23:40:42.0055 1980 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:40:42.0105 1980 WANARP - ok
23:40:42.0110 1980 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:40:42.0135 1980 Wanarpv6 - ok
23:40:42.0165 1980 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
23:40:42.0250 1980 wbengine - ok
23:40:42.0265 1980 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:40:42.0290 1980 WbioSrvc - ok
23:40:42.0330 1980 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:40:42.0370 1980 wcncsvc - ok
23:40:42.0385 1980 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:40:42.0450 1980 WcsPlugInService - ok
23:40:42.0465 1980 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:40:42.0480 1980 Wd - ok
23:40:42.0495 1980 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:40:42.0515 1980 Wdf01000 - ok
23:40:42.0525 1980 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:40:42.0605 1980 WdiServiceHost - ok
23:40:42.0610 1980 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:40:42.0625 1980 WdiSystemHost - ok
23:40:42.0655 1980 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
23:40:42.0685 1980 WebClient - ok
23:40:42.0715 1980 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:40:42.0735 1980 Wecsvc - ok
23:40:42.0740 1980 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:40:42.0760 1980 wercplsupport - ok
23:40:42.0785 1980 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
23:40:42.0820 1980 WerSvc - ok
23:40:42.0850 1980 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:40:42.0875 1980 WfpLwf - ok
23:40:42.0885 1980 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:40:42.0895 1980 WIMMount - ok
23:40:42.0940 1980 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:40:42.0975 1980 WinDefend - ok
23:40:42.0980 1980 WinHttpAutoProxySvc - ok
23:40:43.0025 1980 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:40:43.0095 1980 Winmgmt - ok
23:40:43.0140 1980 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
23:40:43.0215 1980 WinRM - ok
23:40:43.0255 1980 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:40:43.0270 1980 WinUsb - ok
23:40:43.0300 1980 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:40:43.0335 1980 Wlansvc - ok
23:40:43.0380 1980 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:40:43.0460 1980 WmiAcpi - ok
23:40:43.0485 1980 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:40:43.0525 1980 wmiApSrv - ok
23:40:43.0620 1980 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:40:43.0735 1980 WMPNetworkSvc - ok
23:40:43.0755 1980 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:40:43.0810 1980 WPCSvc - ok
23:40:43.0845 1980 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:40:43.0890 1980 WPDBusEnum - ok
23:40:43.0900 1980 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:40:43.0940 1980 ws2ifsl - ok
23:40:43.0960 1980 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
23:40:43.0980 1980 wscsvc - ok
23:40:43.0985 1980 WSearch - ok
23:40:44.0055 1980 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:40:44.0167 1980 wuauserv - ok
23:40:44.0202 1980 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:40:44.0222 1980 WudfPf - ok
23:40:44.0247 1980 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:40:44.0292 1980 WUDFRd - ok
23:40:44.0307 1980 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:40:44.0332 1980 wudfsvc - ok
23:40:44.0352 1980 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:40:44.0372 1980 WwanSvc - ok
23:40:44.0412 1980 ================ Scan global ===============================
23:40:44.0462 1980 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:40:44.0502 1980 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:40:44.0522 1980 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:40:44.0542 1980 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:40:44.0572 1980 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:40:44.0577 1980 [Global] - ok
23:40:44.0577 1980 ================ Scan MBR ==================================
23:40:44.0592 1980 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:40:44.0867 1980 \Device\Harddisk0\DR0 - ok
23:40:44.0867 1980 ================ Scan VBR ==================================
23:40:44.0872 1980 [ 61650723780ABDBE6C5402CADAC946F6 ] \Device\Harddisk0\DR0\Partition1
23:40:44.0872 1980 \Device\Harddisk0\DR0\Partition1 - ok
23:40:44.0882 1980 [ 63110D2C92DA81F1278908A663007E9A ] \Device\Harddisk0\DR0\Partition2
23:40:44.0882 1980 \Device\Harddisk0\DR0\Partition2 - ok
23:40:44.0887 1980 ============================================================
23:40:44.0887 1980 Scan finished
23:40:44.0887 1980 ============================================================
23:40:44.0897 5648 Detected object count: 2
23:40:44.0897 5648 Actual detected object count: 2
23:41:02.0209 5648 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:41:02.0209 5648 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:41:02.0214 5648 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:41:02.0214 5648 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
Geändert von berlinessa (09.09.2012 um 22:46 Uhr) Grund: UserName gesternt |
|
10.09.2012, 16:13
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir blockt mor.exe Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
13.09.2012, 20:50
| #19 |
| | Antivir blockt mor.exe hier kommt endlich das Combofix Log Code:
ATTFilter ComboFix 12-09-13.03 - *** 13.09.2012 21:28:53.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3326.2558 [GMT 2:00]
ausgeführt von:: c:\users\***\Documents\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: FireWall *Disabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\***\4.0
c:\users\***\4.0\.tfo4\.freemind\auto.mmfilter
c:\users\***\4.0\.tfo4\.freemind\auto.properties
c:\users\***\4.0\.tfo4\.freemind\log.0
c:\users\***\4.0\.tfo4\.freemind\log.1
c:\windows\IsUn0407.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-13 bis 2012-09-13 ))))))))))))))))))))))))))))))
.
.
2012-09-13 19:38 . 2012-09-13 19:38 -------- d-----w- c:\users\***\AppData\Local\temp
2012-09-13 19:38 . 2012-09-13 19:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-12 05:24 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 05:24 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 05:24 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 05:24 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 05:24 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 05:24 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-07 10:14 . 2012-09-07 10:14 -------- d-----w- C:\_OTL
2012-09-05 05:04 . 2012-09-05 05:04 -------- d-----w- c:\program files\ESET
2012-09-05 01:01 . 2012-09-05 01:01 -------- d-----w- c:\program files\Common Files\Skype
2012-09-03 13:31 . 2012-09-03 13:31 -------- d-----w- c:\program files\Common Files\Java
2012-09-03 13:30 . 2012-09-03 13:30 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-15 22:14 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 17:58 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 17:58 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 17:58 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 17:58 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 17:58 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 17:58 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 17:58 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-03 13:40 . 2012-05-13 08:35 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-03 13:40 . 2011-05-14 16:39 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-03 13:30 . 2012-07-15 20:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-03 13:30 . 2010-07-30 10:08 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-03 11:46 . 2012-02-06 21:13 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-18 21:42 . 2012-06-19 06:05 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-06-18 21:42 . 2012-06-19 06:05 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-06-18 21:42 . 2012-06-19 06:05 91968 ----a-w- c:\windows\system32\drivers\avfwim.sys
2012-06-18 21:42 . 2012-06-19 06:05 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-06-18 21:42 . 2012-06-19 06:05 112032 ----a-w- c:\windows\system32\drivers\avfwot.sys
2003-06-11 06:19 . 2010-06-26 14:16 16527250 ----a-w- c:\program files\PalmDesktop41SP03DEU.exe
2012-09-07 14:16 . 2012-09-07 14:16 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"ScanSnap WIA Service Checker"="c:\windows\SSDriver\fi5110\SsWiaChecker.exe" [2009-09-30 86016]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-31 348664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2012-05-01 1895424]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2012-8-14 1014624]
Yammer.lnk - c:\program files\Yammer\Yammer.exe [2012-2-18 142336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CardMinder Viewer.lnk - c:\program files\PFU\ScanSnap\CardMinder\CardLauncher.exe [2012-1-24 77824]
In PDF-Datei mit ScanSnap Organizer konvertieren.lnk - c:\program files\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe [2012-1-24 15360]
ScanSnap Manager.lnk - c:\program files\PFU\ScanSnap\Driver\PfuSsMon.exe [2012-1-24 1146880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirFirewallService;Avira FireWall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [x]
S2 AntiVirMailService;Avira Email Schutz;c:\program files\Avira\AntiVir Desktop\avmailc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 13:40]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-14 10:18]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-14 10:18]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3099018591-4240011507-2240214865-1000Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-26 10:56]
.
2012-09-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3099018591-4240011507-2240214865-1000UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-26 10:56]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube Download - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bu1cut1c.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-HotSync - c:\program files\PalmSource\Desktop\HotSync.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-13 21:40:35
ComboFix-quarantined-files.txt 2012-09-13 19:40
.
Vor Suchlauf: 8 Verzeichnis(se), 1.228.433.219.584 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 1.228.093.394.944 Bytes frei
.
- - End Of File - - 9F828F700AA2090F0B3ABDD7DFDCD098
|
|
14.09.2012, 14:00
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir blockt mor.exe Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.09.2012, 09:41
| #21 |
| | Antivir blockt mor.exe also, GMER ist wirklich zweimal abgestürzt, bzw. der ganze Computer ist abgestürzt, und das nachdem das Ding schon fast zwei Stunden gescannt hatte - deswegen habe ich jetzt nur die beiden anderen Logfiles... Hoffe, das genügt erstmal... OSAM Log: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:11:06 on 14.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3099018591-4240011507-2240214865-1000Core.job" - "Google Inc." - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-3099018591-4240011507-2240214865-1000UA.job" - "Google Inc." - C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avfwot" (avfwot) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avfwot.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\JUDITH~1\AppData\Local\Temp\catchme.sys (File not found) "cpuz132" (cpuz132) - ? - C:\Users\JUDITH~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys (File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll {5FCD4425-CA3A-48F4-A57C-B8A75C32ACB1} "iPhone" - ? - C:\Program Files\Xilisoft\iPad Magic\IPhoneExplorer.dll {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.7.0_07" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_271.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@C:\Program Files\Evernote\Evernote\Resource.dll,-101" - ? - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (File not found) {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} "Add to Evernote" - ? - C:\Program Files\Evernote\Evernote3.5\enbar.dll (File not found) {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} "ClsidExtension" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} "Google Gears Helper" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {F4971EE7-DAA0-4053-9964-665D8EE6A077} "SmartSelect Class" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) "EvernoteClipper.lnk" - "Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041" - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Shortcut exists | File exists) "Yammer.lnk" - ? - C:\Program Files\Yammer\Yammer.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "CardMinder Viewer.lnk" - "PFU LIMITED" - C:\Program Files\PFU\ScanSnap\CardMinder\CardLauncher.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "In PDF-Datei mit ScanSnap Organizer konvertieren.lnk" - "PFU LIMITED" - C:\Program Files\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe (Shortcut exists | File exists) "ScanSnap Manager.lnk" - "PFU LIMITED" - C:\Program Files\PFU\ScanSnap\Driver\PfuSsMon.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Google Update" - "Google Inc." - "C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe" /c -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Acrobat Assistant 8.0" - "Adobe Systems Inc." - "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" "Adobe Acrobat Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "KeePass 2 PreLoad" - "Dominik Reichl" - "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "ScanSnap WIA Service Checker" - "PFU LIMITED" - C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Adobe PDF Port Monitor" - "Adobe Systems Inc" - C:\Windows\system32\AdobePDF.dll "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll "WEB.DE Fax Monitor" - "WEB.DE GmbH" - C:\Windows\system32\UIWEBMON.DLL [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Email Schutz" (AntiVirMailService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe "Avira FireWall" (AntiVirFirewallService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-14 21:13:26
-----------------------------
21:13:26.901 OS Version: Windows 6.1.7601 Service Pack 1
21:13:26.901 Number of processors: 4 586 0x402
21:13:26.901 ComputerName: CHARMIANATHOME UserName: ***
21:13:46.167 Initialize success
21:14:27.722 AVAST engine defs: 12091400
21:15:02.245 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000060
21:15:02.260 Disk 0 Vendor: WDC_WD15 80.0 Size: 1430799MB BusType: 11
21:15:02.276 Disk 0 MBR read successfully
21:15:02.292 Disk 0 MBR scan
21:15:02.307 Disk 0 Windows 7 default MBR code
21:15:02.307 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:15:02.338 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1430697 MB offset 206848
21:15:02.401 Disk 0 scanning sectors +2930274304
21:15:02.572 Disk 0 scanning C:\Windows\system32\drivers
21:15:11.620 Service scanning
21:15:28.671 Modules scanning
21:15:34.646 Disk 0 trace - called modules:
21:15:34.677 ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys halmacpi.dll amdsata.sys
21:15:34.693 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864e2ac8]
21:15:34.693 3 CLASSPNP.SYS[8bfae59e] -> nt!IofCallDriver -> [0x86499730]
21:15:34.708 5 amdxata.sys[8bb807b6] -> nt!IofCallDriver -> \Device\00000060[0x86495030]
21:15:38.702 AVAST engine scan C:\Windows
21:15:41.947 AVAST engine scan C:\Windows\system32
21:17:59.898 AVAST engine scan C:\Windows\system32\drivers
21:18:11.083 AVAST engine scan C:\Users\***
09:29:28.314 AVAST engine scan C:\ProgramData
09:37:06.708 Scan finished successfully
10:29:44.572 Disk 0 MBR has been saved successfully to "C:\Users\***\Documents\Desktop\MBR.dat"
10:29:44.588 The log file has been saved successfully to "C:\Users\***\Documents\Desktop\aswMBR.txt"
|
|
15.09.2012, 14:26
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir blockt mor.exe Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2012, 11:40
| #23 |
| | Antivir blockt mor.exe das klingt ja hoffnungsvoll... Die beiden Logs, die du haben wolltest, kommen anbei. Bei SUPERAntiSpyware habe ich die Sachen, die es gefunden hat, vom Programm löschen lassen am Schluss, nachdem es mir versichert hatte, dass es die Dinger in Quarantäne verschiebt und nicht sofort ganz löscht. Ich hoffe, das war richtig... Malwarebytes Log Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.16.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 *** :: CHARMIANATHOME [Administrator] 16.09.2012 13:09:55 mbam-log-2012-09-16 (13-09-55).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 531758 Laufzeit: 1 Stunde(n), 34 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/17/2012 at 02:41 AM
Application Version : 5.5.1016
Core Rules Database Version : 9236
Trace Rules Database Version: 7048
Scan type : Complete Scan
Total Scan Time : 02:51:03
Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 710
Memory threats detected : 0
Registry items scanned : 34778
Registry threats detected : 0
File items scanned : 314323
File threats detected : 339
Adware.Tracking Cookie
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\judith_egger@doubleclick[1].txt [ /doubleclick ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\8NC04QIO.txt [ /c.atdmt.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\5PPVB64U.txt [ /atdmt.com ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@msnportal.112.2o7[2].txt [ Cookie:***@msnportal.112.2o7.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\78Z55L2Y.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\XBDBY3AI.txt [ Cookie:***@atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\SLK0TI4S.txt [ Cookie:***@specificclick.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\69AIV9IG.txt [ Cookie:***@imrworldwide.com/cgi-bin ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\PHSG3N3K.txt [ Cookie:***@invitemedia.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\5739GQ4L.txt [ Cookie:***@ad2.adfarm1.adition.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@traffictrack[1].txt [ Cookie:***@traffictrack.de/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@track.webtrekk[2].txt [ Cookie:***@track.webtrekk.net/223128535705246/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@track.webtrekk[1].txt [ Cookie:***@track.webtrekk.net/523478367474333/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@zanox[2].txt [ Cookie:***@zanox.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@mediaplex[2].txt [ Cookie:***@mediaplex.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@apmebf[1].txt [ Cookie:***@apmebf.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\6UL06QU9.txt [ Cookie:***@serving-sys.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\M67YY9NO.txt [ Cookie:***@media6degrees.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\4MB2L8W1.txt [ Cookie:***@adfarm1.adition.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith_egger@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:***@microsoftinternetexplorer.112.2o7.net/ ]
C:\USERS\***\Cookies\8NC04QIO.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\Cookies\5PPVB64U.txt [ Cookie:***@atdmt.com/ ]
.mediaplex.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.zanox-affiliate.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\***\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\***\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JUDITH_EGGER@2O7[2].TXT [ /2O7 ]
C:\USERS\***\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JUDITH_EGGER@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
C:\USERS\***\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JUDITH_EGGER@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\USERS\***\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JUDITH_EGGER@AD.ZANOX[1].TXT [ /AD.ZANOX ]
.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.usenext.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.socialmediatoday.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.socialmediatoday.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.socialmediatoday.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.jeetyetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.unrulymedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.mediavideoconverter.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.mediavideoconverter.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.mohg.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.flightstats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
adserver.twitpic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
s04.flagcounter.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
edge.jeetyetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.sexologicalbodywork.ch [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.sexologicalbodywork.ch [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.sexologicalbodywork.ch [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
openx.jeetyetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.wgfinden.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.wgfinden.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.bdsmhandel.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.bdsmhandel.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.bwr-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.bwr-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.marriedmansexlife.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.marriedmansexlife.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.acronymfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
track.webstatistik-bw.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
track.webstatistik-bw.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
cpmediaload.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
traffic.brand-wall.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.socialentrepreneurempowerment.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.socialentrepreneurempowerment.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
armundsexy.posterous.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
armundsexy.posterous.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.berlinfolgen.2470media.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.berlinfolgen.2470media.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
berlinfolgen.2470media.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
traffic.brand-wall.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
www.entrepreneurship.info [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
|
|
17.09.2012, 12:20
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir blockt mor.exeCode:
ATTFilter UAC On - Limited User
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2012, 13:25
| #25 |
| | Antivir blockt mor.exe ja, einfach per Doppelklick - ich bin nach der Anleitung vorgegangen, da war nichts Spezielles beschrieben zum Starten des Programms... oh shit - sorry... doch, da steht natürlich schon was für Windows 7 Nutzer zum Starten des Programms... Ich lass es nochmal laufen, diesmal als Administrator und poste dann das Log hier kommt jetzt also das neue SUPERAntiSpyware Log, diesmal als Administrator ausgeführt: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/17/2012 at 07:05 PM
Application Version : 5.5.1016
Core Rules Database Version : 9238
Trace Rules Database Version: 7050
Scan type : Complete Scan
Total Scan Time : 03:12:06
Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 807
Memory threats detected : 0
Registry items scanned : 34895
Registry threats detected : 0
File items scanned : 316001
File threats detected : 1
Adware.Tracking Cookie
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BU1CUT1C.DEFAULT\COOKIES.SQLITE ]
|
|
17.09.2012, 19:34
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir blockt mor.exe Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2012, 19:52
| #27 |
| | Antivir blockt mor.exe Hallo Cosinus, nein, keine weiteren Funde oder Probleme :-) Ganz ganz herzlichen Dank für deine unkomplizierte und kompetente Hilfe! Und vielen Dank auch für die Tipps im Umgang mit Cookies, das werde ich mir mal alles anschauen... Eine letzte Frage noch - vermutlich sollte ich die ganzen Scanprogramme wieder deinstallieren? Und ich erinnere mich auch, dass ich bei Defogger, den ich ganz am Anfang gemacht habe, irgendwas zurückstellen muss. Gibts dabei noch irgendwas zu beachten? Ansonsten werde ich euch wärmstens weiter empfehlen und hab auch eine Spende da gelassen... Ich hoffe, ich brauche euch nicht so bald wieder, aber es ist beruhigend zu wissen, dass es euch gibt :-) Vieloen Dank nochmal Berlinessa |
|
18.09.2012, 14:40
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir blockt mor.exe Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.09.2012, 20:06
| #29 |
| | Antivir blockt mor.exe super - ganz herzlichen Dank nochmal, auch für die Tipps in deinem letzten Post - die werde ich alle mal systematisch durchgehen... Keep up the good work und bis hoffentlich nicht so bald Berlinessa |
|
| Themen zu Antivir blockt mor.exe |
| 7-zip, anlage, antivir, avira, bho, bonjour, converter, desktop, error, flash player, google, home, homepage, hängen, install.exe, langs, locker, logfile, mor.exe, mp3, object, office 2007, plug-in, programm, realtek, scan, security, senden, software, svchost.exe, taskhost.exe, total commander, verweise, virus, windows, wuauclt.exe |
Linear-Darstellung
