| |
| |||||||
Log-Analyse und Auswertung: Systemcheck! Kein Verdacht! Prophilaxe!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.09.2012, 22:14
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Systemcheck! Kein Verdacht! Prophilaxe! Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
FF - user.js - File not found
FF - prefs.js..browser.startup.homepage: "https://startpage.com/"
[2012/02/15 16:48:02 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1259771857-2446808710-1401688873-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1259771857-2446808710-1401688873-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AB689DEA
:Files
C:\Users\unzares\AppData\Roaming\.#
C:\Users\unzares\AppData\Roaming\Ypmuzi
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.09.2012, 15:02
| #17 |
 | Systemcheck! Kein Verdacht! Prophilaxe!Code:
ATTFilter All processes killed
========== OTL ==========
Prefs.js: "https://startpage.com/" removed from browser.startup.homepage
C:\Program Files\mozilla firefox\plugins\npmieze.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1259771857-2446808710-1401688873-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1259771857-2446808710-1401688873-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
========== FILES ==========
C:\Users\unzares\AppData\Roaming\.# folder moved successfully.
C:\Users\unzares\AppData\Roaming\Ypmuzi folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\unzares\Desktop\cmd.bat deleted successfully.
C:\Users\unzares\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 121064 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 321 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: unzares
->Temp folder emptied: 94623132 bytes
->Temporary Internet Files folder emptied: 102014261 bytes
->Java cache emptied: 57156885 bytes
->FireFox cache emptied: 194994257 bytes
->Flash cache emptied: 279127 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 132802 bytes
RecycleBin emptied: 1110305 bytes
Total Files Cleaned = 430.00 mb
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.3 log created on 09112012_154710
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Nach dem neustart ging ein fenster auf: "der herausgeber konnte nicht verifiziert werden. möchten sie das programm ausführen?" (der pfad war glaub: unzares/programme/desktop....) und der hintergrund war schwarz. ich hab dann auf ausführen geklickt. |
|
11.09.2012, 21:14
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemcheck! Kein Verdacht! Prophilaxe! Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
12.09.2012, 17:02
| #19 |
| | Systemcheck! Kein Verdacht! Prophilaxe!Code:
ATTFilter 17:55:49.0162 1316 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:55:49.0318 1316 ============================================================
17:55:49.0318 1316 Current date / time: 2012/09/12 17:55:49.0318
17:55:49.0318 1316 SystemInfo:
17:55:49.0318 1316
17:55:49.0318 1316 OS Version: 6.1.7601 ServicePack: 1.0
17:55:49.0318 1316 Product type: Workstation
17:55:49.0318 1316 ComputerName: UNZARES-PC
17:55:49.0318 1316 UserName: unzares
17:55:49.0318 1316 Windows directory: C:\windows
17:55:49.0318 1316 System windows directory: C:\windows
17:55:49.0318 1316 Processor architecture: Intel x86
17:55:49.0318 1316 Number of processors: 2
17:55:49.0318 1316 Page size: 0x1000
17:55:49.0318 1316 Boot type: Normal boot
17:55:49.0318 1316 ============================================================
17:55:50.0550 1316 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:55:50.0550 1316 ============================================================
17:55:50.0550 1316 \Device\Harddisk0\DR0:
17:55:50.0550 1316 MBR partitions:
17:55:50.0550 1316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
17:55:50.0550 1316 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0xF5BB800
17:55:50.0550 1316 ============================================================
17:55:50.0597 1316 C: <-> \Device\Harddisk0\DR0\Partition1
17:55:50.0628 1316 D: <-> \Device\Harddisk0\DR0\Partition2
17:55:50.0660 1316 ============================================================
17:55:50.0660 1316 Initialize success
17:55:50.0660 1316 ============================================================
17:56:17.0960 2492 ============================================================
17:56:17.0960 2492 Scan started
17:56:17.0960 2492 Mode: Manual; SigCheck; TDLFS;
17:56:17.0960 2492 ============================================================
17:56:19.0270 2492 ================ Scan system memory ========================
17:56:19.0270 2492 System memory - ok
17:56:19.0270 2492 ================ Scan services =============================
17:56:19.0551 2492 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:56:19.0816 2492 1394ohci - ok
17:56:19.0894 2492 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:56:19.0925 2492 ACPI - ok
17:56:19.0972 2492 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:56:20.0050 2492 AcpiPmi - ok
17:56:20.0128 2492 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
17:56:20.0175 2492 adp94xx - ok
17:56:20.0206 2492 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
17:56:20.0253 2492 adpahci - ok
17:56:20.0269 2492 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
17:56:20.0300 2492 adpu320 - ok
17:56:20.0347 2492 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:56:20.0487 2492 AeLookupSvc - ok
17:56:20.0581 2492 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
17:56:20.0690 2492 AFD - ok
17:56:20.0721 2492 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
17:56:20.0752 2492 agp440 - ok
17:56:20.0815 2492 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
17:56:20.0846 2492 aic78xx - ok
17:56:20.0893 2492 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
17:56:20.0986 2492 ALG - ok
17:56:21.0064 2492 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
17:56:21.0095 2492 aliide - ok
17:56:21.0127 2492 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
17:56:21.0158 2492 amdagp - ok
17:56:21.0173 2492 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
17:56:21.0205 2492 amdide - ok
17:56:21.0267 2492 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
17:56:21.0329 2492 AmdK8 - ok
17:56:21.0361 2492 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
17:56:21.0392 2492 AmdPPM - ok
17:56:21.0454 2492 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
17:56:21.0485 2492 amdsata - ok
17:56:21.0532 2492 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
17:56:21.0563 2492 amdsbs - ok
17:56:21.0579 2492 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
17:56:21.0610 2492 amdxata - ok
17:56:21.0719 2492 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:56:21.0766 2492 AntiVirSchedulerService - ok
17:56:21.0797 2492 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:56:21.0829 2492 AntiVirService - ok
17:56:21.0891 2492 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
17:56:22.0078 2492 AppID - ok
17:56:22.0125 2492 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:56:22.0219 2492 AppIDSvc - ok
17:56:22.0265 2492 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
17:56:22.0359 2492 Appinfo - ok
17:56:22.0406 2492 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
17:56:22.0437 2492 arc - ok
17:56:22.0453 2492 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
17:56:22.0484 2492 arcsas - ok
17:56:22.0609 2492 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:56:22.0671 2492 aspnet_state - ok
17:56:22.0687 2492 [ E67493490466B5F04B58C22D2590E8CA ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
17:56:23.0077 2492 AsUpIO - ok
17:56:23.0139 2492 [ C4FB2613D3C75364BB159B9C23A00E7A ] AsusService C:\Windows\System32\AsusService.exe
17:56:23.0186 2492 AsusService ( UnsignedFile.Multi.Generic ) - warning
17:56:23.0186 2492 AsusService - detected UnsignedFile.Multi.Generic (1)
17:56:23.0233 2492 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:56:23.0404 2492 AsyncMac - ok
17:56:23.0435 2492 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
17:56:23.0482 2492 atapi - ok
17:56:23.0576 2492 [ B01751CC563AECAC09BBE36AAA21FBEF ] athr C:\windows\system32\DRIVERS\athr.sys
17:56:23.0857 2492 athr - ok
17:56:23.0935 2492 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:56:24.0028 2492 AudioEndpointBuilder - ok
17:56:24.0106 2492 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
17:56:24.0184 2492 Audiosrv - ok
17:56:24.0247 2492 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
17:56:24.0293 2492 avgntflt - ok
17:56:24.0418 2492 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
17:56:24.0465 2492 avipbb - ok
17:56:24.0512 2492 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
17:56:24.0527 2492 avkmgr - ok
17:56:24.0637 2492 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
17:56:24.0824 2492 AxInstSV - ok
17:56:24.0917 2492 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
17:56:24.0995 2492 b06bdrv - ok
17:56:25.0058 2492 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
17:56:25.0136 2492 b57nd60x - ok
17:56:25.0229 2492 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
17:56:25.0323 2492 BDESVC - ok
17:56:25.0354 2492 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
17:56:25.0448 2492 Beep - ok
17:56:25.0510 2492 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
17:56:25.0604 2492 BFE - ok
17:56:25.0651 2492 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
17:56:25.0744 2492 BITS - ok
17:56:25.0775 2492 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:56:25.0807 2492 blbdrive - ok
17:56:25.0853 2492 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:56:25.0931 2492 bowser - ok
17:56:25.0978 2492 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
17:56:26.0056 2492 BrFiltLo - ok
17:56:26.0087 2492 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
17:56:26.0134 2492 BrFiltUp - ok
17:56:26.0181 2492 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
17:56:26.0306 2492 Browser - ok
17:56:26.0353 2492 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:56:26.0462 2492 Brserid - ok
17:56:26.0493 2492 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:56:26.0540 2492 BrSerWdm - ok
17:56:26.0587 2492 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:56:26.0618 2492 BrUsbMdm - ok
17:56:26.0665 2492 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:56:26.0711 2492 BrUsbSer - ok
17:56:26.0774 2492 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
17:56:26.0883 2492 BthEnum - ok
17:56:26.0930 2492 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
17:56:26.0977 2492 BTHMODEM - ok
17:56:27.0023 2492 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
17:56:27.0101 2492 BthPan - ok
17:56:27.0148 2492 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
17:56:27.0211 2492 BTHPORT - ok
17:56:27.0273 2492 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
17:56:27.0335 2492 bthserv - ok
17:56:27.0351 2492 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
17:56:27.0398 2492 BTHUSB - ok
17:56:27.0429 2492 [ 92C5B845803F3662637EB691AC0B250F ] btusbflt C:\windows\system32\drivers\btusbflt.sys
17:56:27.0445 2492 btusbflt - ok
17:56:27.0460 2492 btwaudio - ok
17:56:27.0476 2492 btwavdt - ok
17:56:27.0507 2492 btwl2cap - ok
17:56:27.0523 2492 btwrchid - ok
17:56:27.0569 2492 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:56:27.0632 2492 cdfs - ok
17:56:27.0679 2492 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
17:56:27.0741 2492 cdrom - ok
17:56:27.0819 2492 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
17:56:27.0913 2492 CertPropSvc - ok
17:56:27.0959 2492 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
17:56:28.0006 2492 circlass - ok
17:56:28.0053 2492 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
17:56:28.0084 2492 CLFS - ok
17:56:28.0162 2492 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:56:28.0193 2492 clr_optimization_v2.0.50727_32 - ok
17:56:28.0256 2492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:56:28.0334 2492 clr_optimization_v4.0.30319_32 - ok
17:56:28.0365 2492 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:56:28.0427 2492 CmBatt - ok
17:56:28.0443 2492 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
17:56:28.0474 2492 cmdide - ok
17:56:28.0521 2492 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
17:56:28.0568 2492 CNG - ok
17:56:28.0615 2492 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
17:56:28.0661 2492 Compbatt - ok
17:56:28.0693 2492 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
17:56:28.0739 2492 CompositeBus - ok
17:56:28.0771 2492 COMSysApp - ok
17:56:28.0817 2492 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
17:56:28.0849 2492 crcdisk - ok
17:56:28.0911 2492 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\windows\system32\cryptsvc.dll
17:56:28.0989 2492 CryptSvc - ok
17:56:29.0036 2492 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
17:56:29.0145 2492 DcomLaunch - ok
17:56:29.0192 2492 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
17:56:29.0270 2492 defragsvc - ok
17:56:29.0317 2492 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:56:29.0395 2492 DfsC - ok
17:56:29.0488 2492 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
17:56:29.0597 2492 Dhcp - ok
17:56:29.0629 2492 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
17:56:29.0722 2492 discache - ok
17:56:29.0769 2492 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
17:56:29.0800 2492 Disk - ok
17:56:29.0831 2492 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:56:29.0909 2492 Dnscache - ok
17:56:29.0956 2492 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
17:56:30.0050 2492 dot3svc - ok
17:56:30.0081 2492 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
17:56:30.0175 2492 DPS - ok
17:56:30.0221 2492 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:56:30.0284 2492 drmkaud - ok
17:56:30.0331 2492 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:56:30.0393 2492 DXGKrnl - ok
17:56:30.0440 2492 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
17:56:30.0518 2492 EapHost - ok
17:56:30.0627 2492 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
17:56:30.0814 2492 ebdrv - ok
17:56:30.0861 2492 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
17:56:30.0955 2492 EFS - ok
17:56:31.0001 2492 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
17:56:31.0048 2492 elxstor - ok
17:56:31.0095 2492 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:56:31.0126 2492 ErrDev - ok
17:56:31.0204 2492 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
17:56:31.0298 2492 EventSystem - ok
17:56:31.0329 2492 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
17:56:31.0423 2492 exfat - ok
17:56:31.0438 2492 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:56:31.0532 2492 fastfat - ok
17:56:31.0594 2492 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
17:56:31.0672 2492 Fax - ok
17:56:31.0719 2492 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
17:56:31.0766 2492 fdc - ok
17:56:31.0797 2492 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
17:56:31.0875 2492 fdPHost - ok
17:56:31.0891 2492 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
17:56:31.0953 2492 FDResPub - ok
17:56:31.0984 2492 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:56:32.0015 2492 FileInfo - ok
17:56:32.0047 2492 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:56:32.0125 2492 Filetrace - ok
17:56:32.0156 2492 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
17:56:32.0203 2492 flpydisk - ok
17:56:32.0249 2492 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:56:32.0296 2492 FltMgr - ok
17:56:32.0374 2492 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache C:\windows\system32\FntCache.dll
17:56:32.0468 2492 FontCache - ok
17:56:32.0546 2492 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:56:32.0561 2492 FontCache3.0.0.0 - ok
17:56:32.0593 2492 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:56:32.0639 2492 FsDepends - ok
17:56:32.0655 2492 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:56:32.0686 2492 Fs_Rec - ok
17:56:32.0749 2492 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:56:32.0795 2492 fvevol - ok
17:56:32.0827 2492 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
17:56:32.0873 2492 gagp30kx - ok
17:56:32.0920 2492 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
17:56:32.0998 2492 gpsvc - ok
17:56:33.0045 2492 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:56:33.0107 2492 hcw85cir - ok
17:56:33.0154 2492 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:56:33.0201 2492 HdAudAddService - ok
17:56:33.0217 2492 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
17:56:33.0279 2492 HDAudBus - ok
17:56:33.0310 2492 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
17:56:33.0357 2492 HidBatt - ok
17:56:33.0388 2492 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
17:56:33.0435 2492 HidBth - ok
17:56:33.0466 2492 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
17:56:33.0513 2492 HidIr - ok
17:56:33.0544 2492 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
17:56:33.0638 2492 hidserv - ok
17:56:33.0700 2492 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\windows\system32\drivers\hidusb.sys
17:56:33.0747 2492 HidUsb - ok
17:56:33.0778 2492 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
17:56:33.0856 2492 hkmsvc - ok
17:56:33.0903 2492 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:56:33.0981 2492 HomeGroupListener - ok
17:56:34.0028 2492 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:56:34.0090 2492 HomeGroupProvider - ok
17:56:34.0137 2492 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:56:34.0168 2492 HpSAMD - ok
17:56:34.0231 2492 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:56:34.0309 2492 HTTP - ok
17:56:34.0371 2492 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:56:34.0402 2492 hwpolicy - ok
17:56:34.0449 2492 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
17:56:34.0496 2492 i8042prt - ok
17:56:34.0605 2492 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:56:34.0652 2492 IAANTMON - ok
17:56:34.0714 2492 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:56:34.0745 2492 iaStor - ok
17:56:34.0792 2492 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:56:34.0839 2492 iaStorV - ok
17:56:34.0917 2492 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:56:34.0979 2492 idsvc - ok
17:56:35.0135 2492 [ 81F7C715528AB621C6AF58869D4B07B9 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
17:56:35.0432 2492 igfx - ok
17:56:35.0479 2492 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
17:56:35.0510 2492 iirsp - ok
17:56:35.0588 2492 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
17:56:35.0681 2492 IKEEXT - ok
17:56:35.0837 2492 [ DB96B8BD676BB24BD4F1DC53CA1F182C ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
17:56:35.0962 2492 IntcAzAudAddService - ok
17:56:36.0009 2492 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
17:56:36.0040 2492 intelide - ok
17:56:36.0071 2492 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:56:36.0118 2492 intelppm - ok
17:56:36.0149 2492 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:56:36.0227 2492 IPBusEnum - ok
17:56:36.0243 2492 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:56:36.0337 2492 IpFilterDriver - ok
17:56:36.0399 2492 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:56:36.0477 2492 iphlpsvc - ok
17:56:36.0524 2492 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:56:36.0571 2492 IPMIDRV - ok
17:56:36.0617 2492 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:56:36.0711 2492 IPNAT - ok
17:56:36.0727 2492 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
17:56:36.0805 2492 IRENUM - ok
17:56:36.0836 2492 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:56:36.0883 2492 isapnp - ok
17:56:36.0914 2492 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:56:36.0945 2492 iScsiPrt - ok
17:56:36.0992 2492 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
17:56:37.0023 2492 kbdclass - ok
17:56:37.0039 2492 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:56:37.0085 2492 kbdhid - ok
17:56:37.0132 2492 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
17:56:37.0148 2492 kbfiltr - ok
17:56:37.0163 2492 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
17:56:37.0210 2492 KeyIso - ok
17:56:37.0241 2492 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:56:37.0288 2492 KSecDD - ok
17:56:37.0304 2492 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:56:37.0351 2492 KSecPkg - ok
17:56:37.0397 2492 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
17:56:37.0491 2492 KtmRm - ok
17:56:37.0538 2492 [ A158CEA8644B8A5C1EC0E9A81B70F65A ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
17:56:37.0569 2492 L1C - ok
17:56:37.0631 2492 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
17:56:37.0725 2492 LanmanServer - ok
17:56:37.0772 2492 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:56:37.0865 2492 LanmanWorkstation - ok
17:56:37.0928 2492 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:56:38.0006 2492 lltdio - ok
17:56:38.0021 2492 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:56:38.0115 2492 lltdsvc - ok
17:56:38.0146 2492 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
17:56:38.0224 2492 lmhosts - ok
17:56:38.0255 2492 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
17:56:38.0287 2492 LSI_FC - ok
17:56:38.0333 2492 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
17:56:38.0365 2492 LSI_SAS - ok
17:56:38.0396 2492 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
17:56:38.0427 2492 LSI_SAS2 - ok
17:56:38.0443 2492 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
17:56:38.0474 2492 LSI_SCSI - ok
17:56:38.0505 2492 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
17:56:38.0583 2492 luafv - ok
17:56:38.0614 2492 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
17:56:38.0661 2492 megasas - ok
17:56:38.0692 2492 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
17:56:38.0739 2492 MegaSR - ok
17:56:38.0786 2492 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
17:56:38.0879 2492 MMCSS - ok
17:56:38.0895 2492 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
17:56:38.0989 2492 Modem - ok
17:56:39.0035 2492 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:56:39.0098 2492 monitor - ok
17:56:39.0145 2492 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
17:56:39.0176 2492 mouclass - ok
17:56:39.0207 2492 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:56:39.0254 2492 mouhid - ok
17:56:39.0301 2492 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:56:39.0332 2492 mountmgr - ok
17:56:39.0425 2492 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:56:39.0457 2492 MozillaMaintenance - ok
17:56:39.0488 2492 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
17:56:39.0535 2492 mpio - ok
17:56:39.0550 2492 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:56:39.0628 2492 mpsdrv - ok
17:56:39.0722 2492 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
17:56:39.0831 2492 MpsSvc - ok
17:56:39.0878 2492 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:56:39.0925 2492 MRxDAV - ok
17:56:39.0956 2492 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:56:40.0034 2492 mrxsmb - ok
17:56:40.0065 2492 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:56:40.0112 2492 mrxsmb10 - ok
17:56:40.0143 2492 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:56:40.0190 2492 mrxsmb20 - ok
17:56:40.0237 2492 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
17:56:40.0268 2492 msahci - ok
17:56:40.0299 2492 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:56:40.0330 2492 msdsm - ok
17:56:40.0361 2492 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
17:56:40.0424 2492 MSDTC - ok
17:56:40.0471 2492 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
17:56:40.0549 2492 Msfs - ok
17:56:40.0580 2492 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:56:40.0658 2492 mshidkmdf - ok
17:56:40.0705 2492 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:56:40.0736 2492 msisadrv - ok
17:56:40.0767 2492 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:56:40.0861 2492 MSiSCSI - ok
17:56:40.0861 2492 msiserver - ok
17:56:40.0923 2492 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:56:41.0001 2492 MSKSSRV - ok
17:56:41.0017 2492 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:56:41.0110 2492 MSPCLOCK - ok
17:56:41.0126 2492 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:56:41.0204 2492 MSPQM - ok
17:56:41.0235 2492 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:56:41.0282 2492 MsRPC - ok
17:56:41.0329 2492 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
17:56:41.0344 2492 mssmbios - ok
17:56:41.0407 2492 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:56:41.0485 2492 MSTEE - ok
17:56:41.0500 2492 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
17:56:41.0547 2492 MTConfig - ok
17:56:41.0563 2492 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
17:56:41.0594 2492 Mup - ok
17:56:41.0656 2492 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
17:56:41.0734 2492 napagent - ok
17:56:41.0797 2492 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:56:41.0859 2492 NativeWifiP - ok
17:56:41.0906 2492 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys
17:56:41.0953 2492 NDIS - ok
17:56:41.0999 2492 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:56:42.0077 2492 NdisCap - ok
17:56:42.0109 2492 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:56:42.0187 2492 NdisTapi - ok
17:56:42.0233 2492 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:56:42.0296 2492 Ndisuio - ok
17:56:42.0343 2492 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:56:42.0421 2492 NdisWan - ok
17:56:42.0467 2492 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:56:42.0561 2492 NDProxy - ok
17:56:42.0608 2492 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:56:42.0623 2492 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:56:42.0623 2492 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:56:42.0655 2492 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:56:42.0733 2492 NetBIOS - ok
17:56:42.0779 2492 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:56:42.0857 2492 NetBT - ok
17:56:42.0889 2492 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
17:56:42.0920 2492 Netlogon - ok
17:56:42.0967 2492 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
17:56:43.0060 2492 Netman - ok
17:56:43.0107 2492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:56:43.0154 2492 NetMsmqActivator - ok
17:56:43.0169 2492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:56:43.0201 2492 NetPipeActivator - ok
17:56:43.0232 2492 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
17:56:43.0341 2492 netprofm - ok
17:56:43.0341 2492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:56:43.0372 2492 NetTcpActivator - ok
17:56:43.0388 2492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:56:43.0419 2492 NetTcpPortSharing - ok
17:56:43.0466 2492 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
17:56:43.0497 2492 nfrd960 - ok
17:56:43.0559 2492 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
17:56:43.0653 2492 NlaSvc - ok
17:56:43.0684 2492 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:56:43.0762 2492 Npfs - ok
17:56:43.0809 2492 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
17:56:43.0887 2492 nsi - ok
17:56:43.0918 2492 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:56:43.0981 2492 nsiproxy - ok
17:56:44.0059 2492 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:56:44.0137 2492 Ntfs - ok
17:56:44.0152 2492 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
17:56:44.0246 2492 Null - ok
17:56:44.0277 2492 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:56:44.0324 2492 nvraid - ok
17:56:44.0339 2492 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:56:44.0386 2492 nvstor - ok
17:56:44.0433 2492 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:56:44.0464 2492 nv_agp - ok
17:56:44.0495 2492 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:56:44.0542 2492 ohci1394 - ok
17:56:44.0636 2492 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:56:44.0698 2492 ose - ok
17:56:44.0729 2492 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:56:44.0839 2492 p2pimsvc - ok
17:56:44.0901 2492 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
17:56:44.0948 2492 p2psvc - ok
17:56:44.0995 2492 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
17:56:45.0073 2492 Parport - ok
17:56:45.0104 2492 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
17:56:45.0135 2492 partmgr - ok
17:56:45.0151 2492 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
17:56:45.0197 2492 Parvdm - ok
17:56:45.0229 2492 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
17:56:45.0291 2492 PcaSvc - ok
17:56:45.0322 2492 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
17:56:45.0369 2492 pci - ok
17:56:45.0400 2492 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
17:56:45.0431 2492 pciide - ok
17:56:45.0463 2492 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
17:56:45.0509 2492 pcmcia - ok
17:56:45.0525 2492 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
17:56:45.0556 2492 pcw - ok
17:56:45.0603 2492 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:56:45.0697 2492 PEAUTH - ok
17:56:45.0806 2492 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
17:56:45.0931 2492 pla - ok
17:56:45.0977 2492 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:56:46.0087 2492 PlugPlay - ok
17:56:46.0118 2492 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:56:46.0133 2492 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:56:46.0133 2492 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:56:46.0165 2492 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:56:46.0211 2492 PNRPAutoReg - ok
17:56:46.0243 2492 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:56:46.0289 2492 PNRPsvc - ok
17:56:46.0336 2492 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:56:46.0414 2492 PolicyAgent - ok
17:56:46.0477 2492 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
17:56:46.0555 2492 Power - ok
17:56:46.0601 2492 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:56:46.0679 2492 PptpMiniport - ok
17:56:46.0695 2492 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
17:56:46.0757 2492 Processor - ok
17:56:46.0804 2492 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
17:56:46.0882 2492 ProfSvc - ok
17:56:46.0898 2492 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
17:56:46.0945 2492 ProtectedStorage - ok
17:56:46.0976 2492 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:56:47.0054 2492 Psched - ok
17:56:47.0116 2492 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
17:56:47.0210 2492 ql2300 - ok
17:56:47.0241 2492 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
17:56:47.0288 2492 ql40xx - ok
17:56:47.0319 2492 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
17:56:47.0381 2492 QWAVE - ok
17:56:47.0397 2492 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:56:47.0444 2492 QWAVEdrv - ok
17:56:47.0459 2492 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:56:47.0537 2492 RasAcd - ok
17:56:47.0584 2492 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:56:47.0662 2492 RasAgileVpn - ok
17:56:47.0709 2492 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
17:56:47.0787 2492 RasAuto - ok
17:56:47.0834 2492 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:56:47.0927 2492 Rasl2tp - ok
17:56:47.0990 2492 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
17:56:48.0068 2492 RasMan - ok
17:56:48.0099 2492 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:56:48.0177 2492 RasPppoe - ok
17:56:48.0208 2492 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:56:48.0271 2492 RasSstp - ok
17:56:48.0302 2492 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:56:48.0395 2492 rdbss - ok
17:56:48.0427 2492 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
17:56:48.0473 2492 rdpbus - ok
17:56:48.0505 2492 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:56:48.0598 2492 RDPCDD - ok
17:56:48.0629 2492 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:56:48.0707 2492 RDPENCDD - ok
17:56:48.0754 2492 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:56:48.0832 2492 RDPREFMP - ok
17:56:48.0863 2492 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:56:48.0941 2492 RDPWD - ok
17:56:48.0988 2492 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:56:49.0035 2492 rdyboost - ok
17:56:49.0066 2492 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
17:56:49.0144 2492 RemoteAccess - ok
17:56:49.0191 2492 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:56:49.0285 2492 RemoteRegistry - ok
17:56:49.0331 2492 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
17:56:49.0363 2492 RFCOMM - ok
17:56:49.0394 2492 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:56:49.0487 2492 RpcEptMapper - ok
17:56:49.0519 2492 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
17:56:49.0565 2492 RpcLocator - ok
17:56:49.0597 2492 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
17:56:49.0675 2492 RpcSs - ok
17:56:49.0706 2492 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:56:49.0784 2492 rspndr - ok
17:56:49.0799 2492 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
17:56:49.0846 2492 SamSs - ok
17:56:49.0877 2492 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:56:49.0909 2492 sbp2port - ok
17:56:49.0940 2492 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
17:56:50.0018 2492 SCardSvr - ok
17:56:50.0049 2492 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:56:50.0127 2492 scfilter - ok
17:56:50.0189 2492 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
17:56:50.0283 2492 Schedule - ok
17:56:50.0299 2492 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
17:56:50.0361 2492 SCPolicySvc - ok
17:56:50.0408 2492 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:56:50.0486 2492 SDRSVC - ok
17:56:50.0533 2492 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:56:50.0611 2492 secdrv - ok
17:56:50.0657 2492 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
17:56:50.0735 2492 seclogon - ok
17:56:50.0751 2492 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
17:56:50.0845 2492 SENS - ok
17:56:50.0860 2492 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
17:56:50.0907 2492 Serenum - ok
17:56:50.0938 2492 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
17:56:50.0969 2492 Serial - ok
17:56:51.0001 2492 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
17:56:51.0047 2492 sermouse - ok
17:56:51.0110 2492 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
17:56:51.0203 2492 SessionEnv - ok
17:56:51.0250 2492 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:56:51.0313 2492 sffdisk - ok
17:56:51.0313 2492 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:56:51.0359 2492 sffp_mmc - ok
17:56:51.0391 2492 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:56:51.0422 2492 sffp_sd - ok
17:56:51.0453 2492 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
17:56:51.0500 2492 sfloppy - ok
17:56:51.0547 2492 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
17:56:51.0640 2492 SharedAccess - ok
17:56:51.0687 2492 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:56:51.0765 2492 ShellHWDetection - ok
17:56:51.0812 2492 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
17:56:51.0843 2492 sisagp - ok
17:56:51.0874 2492 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
17:56:51.0921 2492 SiSRaid2 - ok
17:56:51.0937 2492 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
17:56:51.0968 2492 SiSRaid4 - ok
17:56:52.0015 2492 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
17:56:52.0093 2492 Smb - ok
17:56:52.0155 2492 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:56:52.0202 2492 SNMPTRAP - ok
17:56:52.0233 2492 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
17:56:52.0264 2492 spldr - ok
17:56:52.0311 2492 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
17:56:52.0389 2492 Spooler - ok
17:56:52.0498 2492 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
17:56:52.0717 2492 sppsvc - ok
17:56:52.0763 2492 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:56:52.0841 2492 sppuinotify - ok
17:56:52.0873 2492 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
17:56:52.0935 2492 srv - ok
17:56:52.0951 2492 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:56:52.0997 2492 srv2 - ok
17:56:53.0029 2492 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:56:53.0075 2492 srvnet - ok
17:56:53.0107 2492 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:56:53.0200 2492 SSDPSRV - ok
17:56:53.0263 2492 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
17:56:53.0278 2492 ssmdrv - ok
17:56:53.0309 2492 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
17:56:53.0403 2492 SstpSvc - ok
17:56:53.0419 2492 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
17:56:53.0450 2492 stexstor - ok
17:56:53.0528 2492 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
17:56:53.0590 2492 StiSvc - ok
17:56:53.0621 2492 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
17:56:53.0653 2492 swenum - ok
17:56:53.0699 2492 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
17:56:53.0793 2492 swprv - ok
17:56:53.0855 2492 [ 8BD10DC8809DC69A1C5A795CB10ADD76 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:56:53.0887 2492 SynTP - ok
17:56:53.0965 2492 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
17:56:54.0058 2492 SysMain - ok
17:56:54.0105 2492 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
17:56:54.0183 2492 TabletInputService - ok
17:56:54.0245 2492 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
17:56:54.0339 2492 TapiSrv - ok
17:56:54.0370 2492 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
17:56:54.0448 2492 TBS - ok
17:56:54.0526 2492 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:56:54.0620 2492 Tcpip - ok
17:56:54.0682 2492 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:56:54.0745 2492 TCPIP6 - ok
17:56:54.0807 2492 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:56:54.0885 2492 tcpipreg - ok
17:56:54.0932 2492 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:56:54.0979 2492 TDPIPE - ok
17:56:54.0979 2492 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:56:55.0025 2492 TDTCP - ok
17:56:55.0072 2492 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:56:55.0150 2492 tdx - ok
17:56:55.0181 2492 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
17:56:55.0213 2492 TermDD - ok
17:56:55.0275 2492 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
17:56:55.0353 2492 TermService - ok
17:56:55.0400 2492 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
17:56:55.0447 2492 Themes - ok
17:56:55.0462 2492 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
17:56:55.0540 2492 THREADORDER - ok
17:56:55.0571 2492 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
17:56:55.0649 2492 TrkWks - ok
17:56:55.0712 2492 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:56:55.0805 2492 TrustedInstaller - ok
17:56:55.0852 2492 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:56:55.0946 2492 tssecsrv - ok
17:56:55.0993 2492 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:56:56.0071 2492 TsUsbFlt - ok
17:56:56.0117 2492 [ 06473A1E8E7BDC17CC8592E493CC9B1F ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
17:56:56.0164 2492 TuneUp.Defrag - ok
17:56:56.0242 2492 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:56:56.0336 2492 tunnel - ok
17:56:56.0367 2492 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
17:56:56.0398 2492 uagp35 - ok
17:56:56.0429 2492 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:56:56.0492 2492 udfs - ok
17:56:56.0554 2492 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:56:56.0601 2492 UI0Detect - ok
17:56:56.0648 2492 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:56:56.0679 2492 uliagpkx - ok
17:56:56.0726 2492 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
17:56:56.0773 2492 umbus - ok
17:56:56.0804 2492 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
17:56:56.0851 2492 UmPass - ok
17:56:56.0882 2492 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
17:56:56.0991 2492 upnphost - ok
17:56:57.0022 2492 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:56:57.0100 2492 usbccgp - ok
17:56:57.0131 2492 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:56:57.0163 2492 usbcir - ok
17:56:57.0194 2492 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
17:56:57.0225 2492 usbehci - ok
17:56:57.0256 2492 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:56:57.0319 2492 usbhub - ok
17:56:57.0350 2492 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:56:57.0397 2492 usbohci - ok
17:56:57.0428 2492 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:56:57.0475 2492 usbprint - ok
17:56:57.0490 2492 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:56:57.0568 2492 USBSTOR - ok
17:56:57.0584 2492 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:56:57.0646 2492 usbuhci - ok
17:56:57.0677 2492 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
17:56:57.0740 2492 usbvideo - ok
17:56:57.0787 2492 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
17:56:57.0849 2492 UxSms - ok
17:56:57.0880 2492 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
17:56:57.0911 2492 VaultSvc - ok
17:56:57.0974 2492 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:56:58.0005 2492 vdrvroot - ok
17:56:58.0067 2492 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
17:56:58.0161 2492 vds - ok
17:56:58.0208 2492 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:56:58.0270 2492 vga - ok
17:56:58.0301 2492 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
17:56:58.0379 2492 VgaSave - ok
17:56:58.0426 2492 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:56:58.0457 2492 vhdmp - ok
17:56:58.0473 2492 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
17:56:58.0504 2492 viaagp - ok
17:56:58.0551 2492 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
17:56:58.0598 2492 ViaC7 - ok
17:56:58.0629 2492 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
17:56:58.0660 2492 viaide - ok
17:56:58.0676 2492 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:56:58.0707 2492 volmgr - ok
17:56:58.0738 2492 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:56:58.0785 2492 volmgrx - ok
17:56:58.0832 2492 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
17:56:58.0863 2492 volsnap - ok
17:56:58.0910 2492 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
17:56:58.0957 2492 vsmraid - ok
17:56:59.0019 2492 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
17:56:59.0159 2492 VSS - ok
17:56:59.0191 2492 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:56:59.0237 2492 vwifibus - ok
17:56:59.0269 2492 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:56:59.0315 2492 vwififlt - ok
17:56:59.0362 2492 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
17:56:59.0471 2492 W32Time - ok
17:56:59.0518 2492 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
17:56:59.0549 2492 WacomPen - ok
17:56:59.0612 2492 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:56:59.0690 2492 WANARP - ok
17:56:59.0705 2492 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:56:59.0783 2492 Wanarpv6 - ok
17:56:59.0846 2492 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
17:57:00.0002 2492 wbengine - ok
17:57:00.0064 2492 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:57:00.0127 2492 WbioSrvc - ok
17:57:00.0189 2492 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
17:57:00.0251 2492 wcncsvc - ok
17:57:00.0283 2492 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:57:00.0329 2492 WcsPlugInService - ok
17:57:00.0376 2492 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
17:57:00.0407 2492 Wd - ok
17:57:00.0439 2492 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:57:00.0485 2492 Wdf01000 - ok
17:57:00.0532 2492 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
17:57:00.0626 2492 WdiServiceHost - ok
17:57:00.0641 2492 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
17:57:00.0688 2492 WdiSystemHost - ok
17:57:00.0735 2492 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
17:57:00.0797 2492 WebClient - ok
17:57:00.0844 2492 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
17:57:00.0938 2492 Wecsvc - ok
17:57:00.0953 2492 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
17:57:01.0031 2492 wercplsupport - ok
17:57:01.0063 2492 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
17:57:01.0156 2492 WerSvc - ok
17:57:01.0187 2492 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:57:01.0265 2492 WfpLwf - ok
17:57:01.0297 2492 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:57:01.0328 2492 WIMMount - ok
17:57:01.0406 2492 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:57:01.0484 2492 WinDefend - ok
17:57:01.0499 2492 WinHttpAutoProxySvc - ok
17:57:01.0577 2492 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:57:01.0640 2492 Winmgmt - ok
17:57:01.0718 2492 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
17:57:01.0827 2492 WinRM - ok
17:57:01.0936 2492 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
17:57:02.0014 2492 Wlansvc - ok
17:57:02.0045 2492 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
17:57:02.0092 2492 WmiAcpi - ok
17:57:02.0139 2492 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:57:02.0201 2492 wmiApSrv - ok
17:57:02.0279 2492 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:57:02.0373 2492 WMPNetworkSvc - ok
17:57:02.0404 2492 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
17:57:02.0467 2492 WPCSvc - ok
17:57:02.0513 2492 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:57:02.0591 2492 WPDBusEnum - ok
17:57:02.0623 2492 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:57:02.0716 2492 ws2ifsl - ok
17:57:02.0747 2492 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
17:57:02.0810 2492 wscsvc - ok
17:57:02.0825 2492 WSearch - ok
17:57:02.0919 2492 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
17:57:03.0044 2492 wuauserv - ok
17:57:03.0091 2492 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:57:03.0184 2492 WudfPf - ok
17:57:03.0215 2492 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:57:03.0293 2492 WUDFRd - ok
17:57:03.0356 2492 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:57:03.0434 2492 wudfsvc - ok
17:57:03.0465 2492 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
17:57:03.0527 2492 WwanSvc - ok
17:57:03.0574 2492 ================ Scan global ===============================
17:57:03.0605 2492 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
17:57:03.0652 2492 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
17:57:03.0668 2492 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
17:57:03.0699 2492 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
17:57:03.0746 2492 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
17:57:03.0746 2492 [Global] - ok
17:57:03.0761 2492 ================ Scan MBR ==================================
17:57:03.0777 2492 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:57:04.0089 2492 \Device\Harddisk0\DR0 - ok
17:57:04.0089 2492 ================ Scan VBR ==================================
17:57:04.0105 2492 [ C35AE5C87D99CC6E95E030C93C69B525 ] \Device\Harddisk0\DR0\Partition1
17:57:04.0120 2492 \Device\Harddisk0\DR0\Partition1 - ok
17:57:04.0151 2492 [ FC2C98DD2EC94A43BC19445F1C0DC14D ] \Device\Harddisk0\DR0\Partition2
17:57:04.0151 2492 \Device\Harddisk0\DR0\Partition2 - ok
17:57:04.0151 2492 ============================================================
17:57:04.0151 2492 Scan finished
17:57:04.0151 2492 ============================================================
17:57:04.0183 2792 Detected object count: 3
17:57:04.0183 2792 Actual detected object count: 3
17:57:36.0568 2792 AsusService ( UnsignedFile.Multi.Generic ) - skipped by user
17:57:36.0568 2792 AsusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:57:36.0568 2792 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:57:36.0568 2792 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:57:36.0568 2792 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:57:36.0568 2792 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
12.09.2012, 20:14
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemcheck! Kein Verdacht! Prophilaxe! Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.09.2012, 21:17
| #21 |
| | Systemcheck! Kein Verdacht! Prophilaxe! Combofix Logfile: Code:
ATTFilter ComboFix 12-09-12.03 - unzares 12.09.2012 21:57:03.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1252.49.1031.18.1014.383 [GMT 2:00]
ausgeführt von:: c:\users\unzares\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-12 bis 2012-09-12 ))))))))))))))))))))))))))))))
.
.
2012-09-12 20:09 . 2012-09-12 20:09 -------- d-----w- c:\users\unzares\AppData\Local\temp
2012-09-12 20:09 . 2012-09-12 20:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-11 13:59 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71750FEF-BF02-4D3D-9FD4-106BE6A5936D}\mpengine.dll
2012-09-11 13:47 . 2012-09-11 13:47 -------- d-----w- C:\_OTL
2012-09-05 11:03 . 2012-09-05 11:03 -------- d-----w- c:\program files\ESET
2012-08-20 17:54 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 16:47 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 16:47 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 16:47 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 16:47 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 16:47 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 16:47 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 16:47 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-01 18:55 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-08-01 13:00 . 2012-08-01 13:00 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-08-01 13:00 . 2012-08-01 13:00 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-08-01 13:00 . 2012-08-01 13:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-08-01 13:00 . 2012-08-01 13:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-08-01 13:00 . 2012-08-01 13:00 161792 ----a-w- c:\windows\system32\msls31.dll
2012-08-01 13:00 . 2012-08-01 13:00 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-08-01 13:00 . 2012-08-01 13:00 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-08-01 13:00 . 2012-08-01 13:00 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-08-01 13:00 . 2012-08-01 13:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-01 13:00 . 2012-08-01 13:00 367104 ----a-w- c:\windows\system32\html.iec
2012-08-01 13:00 . 2012-08-01 13:00 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-01 13:00 . 2012-08-01 13:00 152064 ----a-w- c:\windows\system32\wextract.exe
2012-08-01 13:00 . 2012-08-01 13:00 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-08-01 13:00 . 2012-08-01 13:00 11776 ----a-w- c:\windows\system32\mshta.exe
2012-08-01 13:00 . 2012-08-01 13:00 101888 ----a-w- c:\windows\system32\admparse.dll
2012-08-01 13:00 . 2012-08-01 13:00 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-07-03 11:46 . 2012-08-12 19:17 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-22 14:32 . 2012-07-28 10:29 405144 ----a-w- c:\windows\system32\Newtonsoft.Json.Net20.dll
2012-09-07 20:54 . 2012-09-07 20:54 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"HotkeyMon"="AsusSender.exe" [2009-09-11 33768]
"HotkeyService"="AsusSender.exe" [2009-09-11 33768]
"SuperHybridEngine"="AsusSender.exe" [2009-09-11 33768]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-01-06 3058304]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-05 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-01-06 2018032]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-13 348664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 40705430
*Deregistered* - 40705430
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Free YouTube to MP3 Converter - c:\users\unzares\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\unzares\AppData\Roaming\Mozilla\Firefox\Profiles\wqs11u8d.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-12 22:14:26
ComboFix-quarantined-files.txt 2012-09-12 20:14
.
Vor Suchlauf: 9 Verzeichnis(se), 79.288.664.064 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 79.197.446.144 Bytes frei
.
- - End Of File - - E8B7C7E25285C9AECB8919FB24B9CE1D
|
|
13.09.2012, 15:18
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemcheck! Kein Verdacht! Prophilaxe! Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2012, 16:34
| #23 |
| | Systemcheck! Kein Verdacht! Prophilaxe!Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-17 17:27:24
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.PB2O
Running: tvo31zbs.exe; Driver: C:\Users\unzares\AppData\Local\Temp\kwtiafow.sys
---- System - GMER 1.0.15 ----
SSDT 89D90DBE ZwCreateSection
SSDT 89D90DC8 ZwRequestWaitReplyPort
SSDT 89D90DC3 ZwSetContextThread
SSDT 89D90DCD ZwSetSecurityObject
SSDT 89D90DD2 ZwSystemDebugControl
SSDT 89D90D5F ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 81C463C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81C7FD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 81C86EAC 4 Bytes [BE, 0D, D9, 89]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 81C87208 4 Bytes [C8, 0D, D9, 89] {ENTER 0xd90d, 0x89}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 81C8724C 4 Bytes [C3, 0D, D9, 89]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 81C872C8 4 Bytes [CD, 0D, D9, 89]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 81C8731C 4 Bytes [D2, 0D, D9, 89]
.text ...
? C:\Users\unzares\AppData\Local\Temp\aswMBR.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[2692] ntdll.dll!LdrGetProcedureAddress + 26 77DD2239 7 Bytes JMP 69970C00 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2692] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 773E93D6 7 Bytes JMP 69BA7B29 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2692] kernel32.dll!QueryPerformanceCounter + 13 773EC435 7 Bytes JMP 69BA7B4C C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2692] kernel32.dll!LoadAppInitDlls + 355 773EF4F6 7 Bytes JMP 69973FAC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2692] GDI32.dll!GetViewportOrgEx + 26C 7622884B 7 Bytes JMP 69BA7AAA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000048 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243d1ad91
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243d1ad91 (not active ControlSet)
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel\xae Matrix Storage Manager\Intel\xae Matrix Storage Console.lnk 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\xae Matrix Storage Manager\Intel\xae Matrix Storage Console.lnk 1
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 15:57:48 on 17.09.2012 OS: Windows 7 Starter Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\windows\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\windows\system32\FlashPlayerCPLApp.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AsUpIO" (AsUpIO) - ? - C:\windows\System32\drivers\AsUpIO.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - C:\windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\windows\System32\DRIVERS\avkmgr.sys "Bluetooth Audio Device Service" (btwaudio) - ? - C:\windows\System32\drivers\btwaudio.sys (File not found) "Bluetooth AVDT" (btwavdt) - ? - C:\windows\system32\DRIVERS\btwavdt.sys (File not found) "Bluetooth L2CAP Service" (btwl2cap) - ? - C:\windows\System32\DRIVERS\btwl2cap.sys (File not found) "btwrchid" (btwrchid) - ? - C:\windows\system32\DRIVERS\btwrchid.sys (File not found) "catchme" (catchme) - ? - C:\Users\unzares\AppData\Local\Temp\catchme.sys (File not found) "kwtiafow" (kwtiafow) - ? - C:\Users\unzares\AppData\Local\Temp\kwtiafow.sys (Hidden registry entry, rootkit activity | File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - ? - (File not found | COM-object registry key not found) {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "ASUS Screen Saver Protector" - "ASUS" - C:\Windows\AsScrPro.exe "ASUSPRP" - "ASUSTek Computer Inc." - C:\Program Files\ASUS\APRP\APRP.EXE "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "HotkeyMon" - "ASUSTek Computer Inc." - AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe "HotkeyService" - "ASUSTek Computer Inc." - AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe "IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe "SuperHybridEngine" - "ASUSTek Computer Inc." - AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe "UCam_Menu" - "CyberLink Corp." - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe "Asus Launcher Service" (AsusService) - ? - C:\Windows\System32\AsusService.exe (File found, but it contains no detailed information) "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-17 16:00:08
-----------------------------
16:00:08.301 OS Version: Windows 6.1.7601 Service Pack 1
16:00:08.301 Number of processors: 2 586 0x1C0A
16:00:08.301 ComputerName: UNZARES-PC UserName: unzares
16:00:09.581 Initialize success
16:01:23.315 AVAST engine defs: 12091400
16:01:53.657 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:01:53.672 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
16:01:53.704 Disk 0 MBR read successfully
16:01:53.704 Disk 0 MBR scan
16:01:53.844 Disk 0 Windows 7 default MBR code
16:01:53.891 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102400 MB offset 2048
16:01:53.938 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 125815 MB offset 209717248
16:01:54.047 Disk 0 Partition 3 00 1B Hidd FAT32 MSDOS5.0 10240 MB offset 467386368
16:01:54.125 Disk 0 Partition 4 00 EF EFI FAT 16 MB offset 488357888
16:01:54.187 Disk 0 scanning sectors +488392065
16:01:54.390 Disk 0 scanning C:\windows\system32\drivers
16:02:19.646 Service scanning
16:03:04.278 Modules scanning
16:03:18.989 Disk 0 trace - called modules:
16:03:19.020
16:03:19.551 AVAST engine scan C:\windows
16:03:26.290 AVAST engine scan C:\windows\system32
16:10:42.981 AVAST engine scan C:\windows\system32\drivers
16:11:09.751 AVAST engine scan C:\Users\unzares
16:19:19.826 AVAST engine scan C:\ProgramData
16:19:46.954 Scan finished successfully
16:59:11.575 Disk 0 MBR has been saved successfully to "C:\Users\unzares\Desktop\MBR.dat"
16:59:11.606 The log file has been saved successfully to "C:\Users\unzares\Desktop\aswMBR.txt"
|
|
17.09.2012, 20:38
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemcheck! Kein Verdacht! Prophilaxe! Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.09.2012, 17:00
| #25 |
| | Systemcheck! Kein Verdacht! Prophilaxe!Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/19/2012 at 04:11 PM
Application Version : 5.5.1016
Core Rules Database Version : 9252
Trace Rules Database Version: 7064
Scan type : Complete Scan
Total Scan Time : 01:23:49
Operating System Information
Windows 7 Starter 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 556
Memory threats detected : 0
Registry items scanned : 33146
Registry threats detected : 0
File items scanned : 80819
File threats detected : 455
Adware.Tracking Cookie
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\AJ0Y7AZL.txt [ /mediaplex.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\F82OLEEP.txt [ /ad1.adfarm1.adition.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\V8HAM8FJ.txt [ /smartadserver.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\SJX7XWR0.txt [ /atdmt.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\M43XHZ1F.txt [ /tracking.quisma.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\5GXAHSP9.txt [ /www.zanox-affiliate.de ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\OSIJ9OG9.txt [ /fastclick.net ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\INNHAWO8.txt [ /zanox.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\GMR3M709.txt [ /imrworldwide.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\SNW9A1KV.txt [ /ad.zanox.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\SGY4GH7Y.txt [ /adform.net ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\CWERN7V9.txt [ /zanox-affiliate.de ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\4RCN7K12.txt [ /doubleclick.net ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\2JTWXHK8.txt [ /adfarm1.adition.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\5EEYO6GI.txt [ /apmebf.com ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\IH2VRWXY.txt [ /track.adform.net ]
C:\Users\unzares\AppData\Roaming\Microsoft\Windows\Cookies\LBD1WQXV.txt [ /tradedoubler.com ]
C:\USERS\UNZARES\AppData\Roaming\Microsoft\Windows\Cookies\Low\478JCCD8.txt [ Cookie:unzares@atdmt.com/ ]
C:\USERS\UNZARES\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGQEY9XE.txt [ Cookie:unzares@ad.yieldmanager.com/ ]
C:\USERS\UNZARES\AppData\Roaming\Microsoft\Windows\Cookies\Low\4YR9NALQ.txt [ Cookie:unzares@clickfuse.com/ ]
C:\USERS\UNZARES\AppData\Roaming\Microsoft\Windows\Cookies\Low\TE8J2GLW.txt [ Cookie:unzares@adfarm1.adition.com/ ]
C:\USERS\UNZARES\Cookies\AJ0Y7AZL.txt [ Cookie:unzares@mediaplex.com/ ]
C:\USERS\UNZARES\Cookies\F82OLEEP.txt [ Cookie:unzares@ad1.adfarm1.adition.com/ ]
C:\USERS\UNZARES\Cookies\V8HAM8FJ.txt [ Cookie:unzares@smartadserver.com/ ]
C:\USERS\UNZARES\Cookies\SJX7XWR0.txt [ Cookie:unzares@atdmt.com/ ]
C:\USERS\UNZARES\Cookies\M43XHZ1F.txt [ Cookie:unzares@tracking.quisma.com/ ]
C:\USERS\UNZARES\Cookies\INNHAWO8.txt [ Cookie:unzares@zanox.com/ ]
C:\USERS\UNZARES\Cookies\GMR3M709.txt [ Cookie:unzares@imrworldwide.com/cgi-bin ]
C:\USERS\UNZARES\Cookies\SNW9A1KV.txt [ Cookie:unzares@ad.zanox.com/ ]
C:\USERS\UNZARES\Cookies\SGY4GH7Y.txt [ Cookie:unzares@adform.net/ ]
C:\USERS\UNZARES\Cookies\CWERN7V9.txt [ Cookie:unzares@zanox-affiliate.de/ ]
C:\USERS\UNZARES\Cookies\2JTWXHK8.txt [ Cookie:unzares@adfarm1.adition.com/ ]
C:\USERS\UNZARES\Cookies\5EEYO6GI.txt [ Cookie:unzares@apmebf.com/ ]
C:\USERS\UNZARES\Cookies\IH2VRWXY.txt [ Cookie:unzares@track.adform.net/ ]
C:\USERS\UNZARES\Cookies\LBD1WQXV.txt [ Cookie:unzares@tradedoubler.com/ ]
delivery.ibanner.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\34J5X953 ]
.microsoftwllivemkt.112.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.aka-cdn-ns.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.opodo.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ehg-crossfit.hitbox.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.hitbox.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.cunda.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
mediathek.daserste.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tracker.bmtsystem.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tradefx.advertserve.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.advertstream.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.visit-tracker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
trackstatsnow.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
trackstatsnow.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.www4.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.comvelgmbh.112.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.bannerreport.org [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
webstats.usz.ch [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
webstats.usz.ch [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.cpvadverts.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.cpvadverts.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.businessenhanced.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.businessenhanced.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
stat.ed.cupidplc.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
traffic.brokerbabe.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
traffic.brokerbabe.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.pornofilmpjes.nl [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.pornofilmpjes.nl [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.crackajack.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.archive.crackajack.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.archive.crackajack.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.archive.crackajack.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.thomascookag.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.zalando.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnloenc5kdp.stats.esomniture.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tuiinteractive.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.pumaonlinestorede.112.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
be.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.easyclicktravel.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.easyclicktravel.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adserver.flughafen-stuttgart.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.easyclicktravel.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.easyclicktravel.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.autoscout24.112.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adserver.euronics.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.popmog.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
rotator.hadj7.adjuggler.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tracking.affiliates.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adserver.fachschriften.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
targeting.revenuemax.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkiohcjeeo.stats.esomniture.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adserving.avazudsp.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adserving.avazudsp.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.unrulymedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ads1.solocpm.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ads1.solocpm.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tracking.publicidees.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
dk-adserver.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tvtv.122.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.germanwings.112.2o7.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adserver.flughafen-stuttgart.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.toplist.cz [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\UNZARES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WQS11U8D.DEFAULT\COOKIES.SQLITE ]
Trojan.Agent/Gen-Yoddos
C:\PROGRAM FILES\WINRAR\DEFAULT.SFX
Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.19.09 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 unzares :: UNZARES-PC [Administrator] 19.09.2012 16:20:01 mbam-log-2012-09-19 (17-53-24).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 280903 Laufzeit: 1 Stunde(n), 29 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\_OTL\MovedFiles\09112012_154710\C_Program Files\mozilla firefox\plugins\npmieze.dll (PUP.LoadTubes) -> Keine Aktion durchgeführt. (Ende) |
|
19.09.2012, 21:28
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemcheck! Kein Verdacht! Prophilaxe! Sieht ok aus, da wurden nur Cookies gefunden, der angebliche Fund bei WinRAR ist ein Fehalarm. Der Fund bei Malwarebytes ist nur ein Element in der Quarantäne von OTL. Harmlos. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.09.2012, 05:02
| #27 |
| | Systemcheck! Kein Verdacht! Prophilaxe! Hallo, na da bin ich aber beruhigt. besten dank! ohne dieses forum hätte ich das sicher nicht hin bekommen. großes lob! ich werde zuerst mal cookieculler probieren. zur not lösche ich alle cookies permanent. das system läuft wie gewohnt. es gibt keine probleme. höchstens der systemstart dauert etwas. muss da meine autostartliste mal überarbeiten. würdest du xp antispy empfehlen? aso, und kann ich mein desktop wieder frei machen(alles löschen)? |
|
20.09.2012, 14:48
| #28 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemcheck! Kein Verdacht! Prophilaxe!Zitat:
Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.09.2012, 16:53
| #29 |
| | Systemcheck! Kein Verdacht! Prophilaxe! Desktop ist aufgeräumt! Updates sind gemacht! Sumatra PDF ist drauf! Passwörter werden nach und nach geändert! Alles läuft gut! bleibt abschließend nur noch eines zu sagen: DAAAAANKEEEE!!!!!!!!!!!!!!!!!! und alles gute!!! mfg unzares |
|
| Themen zu Systemcheck! Kein Verdacht! Prophilaxe! |
| anderes, applaus, bereinigt, blick, dankbar, direkter, erfolgreich, hallo zusammen, herausgeber konnte nicht verifiziert werden, system, systemcheck, verdacht, wahrscheinlich, werfen, woche, zusammen |
Linear-Darstellung
