| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: rkit/agent.dfjvWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.09.2012, 12:08
| #16 |
 |  rkit/agent.dfjvCode:
ATTFilter All processes killed
========== OTL ==========
Prefs.js: software@loadtubes.com:1.01 removed from extensions.enabledAddons
Prefs.js: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" removed from keyword.URL
Prefs.js: 0 removed from network.proxy.type
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\software@loadtubes.com\chrome\skin folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\software@loadtubes.com\chrome\content folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\software@loadtubes.com\chrome folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\software@loadtubes.com folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\firefox\profiles\7rfl6bik.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\META-INF folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\defaults\preferences folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\defaults folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\skin\images folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\skin folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale\ro-RO folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale\en-US folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\locale folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome\content folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\chrome folder moved successfully.
C:\Users\Rüger\AppData\Roaming\mozilla\Firefox\Profiles\7rfl6bik.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3039713790-2786281700-3225123238-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ec456e3-c78f-11e1-9943-b870f47f33c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ec456e3-c78f-11e1-9943-b870f47f33c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ec456e3-c78f-11e1-9943-b870f47f33c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ec456e3-c78f-11e1-9943-b870f47f33c2}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeb015e5-8caf-11e1-b882-b870f47f33c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eeb015e5-8caf-11e1-b882-b870f47f33c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeb015e5-8caf-11e1-b882-b870f47f33c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eeb015e5-8caf-11e1-b882-b870f47f33c2}\ not found.
File E:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeb015ec-8caf-11e1-b882-b870f47f33c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eeb015ec-8caf-11e1-b882-b870f47f33c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeb015ec-8caf-11e1-b882-b870f47f33c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eeb015ec-8caf-11e1-b882-b870f47f33c2}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeb01681-8caf-11e1-b882-b870f47f33c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eeb01681-8caf-11e1-b882-b870f47f33c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eeb01681-8caf-11e1-b882-b870f47f33c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eeb01681-8caf-11e1-b882-b870f47f33c2}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3655bfd-c798-11e1-87ac-b870f47f33c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3655bfd-c798-11e1-87ac-b870f47f33c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3655bfd-c798-11e1-87ac-b870f47f33c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3655bfd-c798-11e1-87ac-b870f47f33c2}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\pushinst.exe not found.
ADS C:\ProgramData\Temp:5925E400 deleted successfully.
ADS C:\ProgramData\Temp:798A3728 deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:E79EFDA4 deleted successfully.
ADS C:\ProgramData\Temp:C46995DA deleted successfully.
ADS C:\ProgramData\Temp:9B750A13 deleted successfully.
ADS C:\ProgramData\Temp:5D458568 deleted successfully.
ADS C:\ProgramData\Temp:2430E4FC deleted successfully.
========== FILES ==========
C:\Users\Rüger\AppData\Local\{0740C121-0CD3-4F4E-A0B8-EA5607EDF4B7} folder moved successfully.
C:\Users\Rüger\AppData\Local\{083D8924-BC1F-4CDB-B4E6-C45A7562C291} folder moved successfully.
C:\Users\Rüger\AppData\Local\{0CCDCB64-3837-444F-98A7-380773FF8BFC} folder moved successfully.
C:\Users\Rüger\AppData\Local\{0E652692-6A9C-4868-99DB-85153DE0D003} folder moved successfully.
C:\Users\Rüger\AppData\Local\{16490AAC-AB31-4C90-9227-39F5D3EDE69E} folder moved successfully.
C:\Users\Rüger\AppData\Local\{16B80A3B-4408-403C-B423-524E2E7E1DA8} folder moved successfully.
C:\Users\Rüger\AppData\Local\{18863F93-432A-42D5-BD4D-D826E0C02573} folder moved successfully.
C:\Users\Rüger\AppData\Local\{26962DDB-E93E-4F0F-806E-35EFBD8519B2} folder moved successfully.
C:\Users\Rüger\AppData\Local\{31C8E1B6-28B1-48F0-B4E9-A420F96BCE56} folder moved successfully.
C:\Users\Rüger\AppData\Local\{363D92CA-5B74-4AB2-A262-981046212A2D} folder moved successfully.
C:\Users\Rüger\AppData\Local\{38B3AB3A-EDF8-4A31-B01C-99AEA999DB59} folder moved successfully.
C:\Users\Rüger\AppData\Local\{3A37F08C-C0CD-400C-A2B8-69C11A33802F} folder moved successfully.
C:\Users\Rüger\AppData\Local\{3C9C6D64-4DDE-44F6-B34E-8DF78E9EFB0D} folder moved successfully.
C:\Users\Rüger\AppData\Local\{4022F79A-526A-4CC4-9700-176A2F800234} folder moved successfully.
C:\Users\Rüger\AppData\Local\{40EC7AA0-6F19-4624-BAF8-66AC8AD68B05} folder moved successfully.
C:\Users\Rüger\AppData\Local\{4CD420F8-02B6-4297-B7CD-389426AEDE2E} folder moved successfully.
C:\Users\Rüger\AppData\Local\{4DA1F2B3-2B36-4CC7-916A-032E5E640BE3} folder moved successfully.
C:\Users\Rüger\AppData\Local\{4FF52694-160B-4B2B-B32C-F5F01C04C0D4} folder moved successfully.
C:\Users\Rüger\AppData\Local\{5DA549AE-1FC7-484E-BFFF-25E55EAE161F} folder moved successfully.
C:\Users\Rüger\AppData\Local\{603CAED3-E762-4C76-A6E6-F00A88843D5C} folder moved successfully.
C:\Users\Rüger\AppData\Local\{627869D0-21E4-4737-9104-B83A7B30730B} folder moved successfully.
C:\Users\Rüger\AppData\Local\{63936BF7-BDCB-4B37-B2A6-EEC2AEDCAE6C} folder moved successfully.
C:\Users\Rüger\AppData\Local\{65AB6A6D-765F-4E42-BF7C-B736A386A81E} folder moved successfully.
C:\Users\Rüger\AppData\Local\{65EBEA93-E073-475F-8411-71B1192F844B} folder moved successfully.
C:\Users\Rüger\AppData\Local\{687DB807-1541-4D6B-A0CE-0C45C87674CB} folder moved successfully.
C:\Users\Rüger\AppData\Local\{689F1DEE-BB16-4219-9C5C-7268F0BA4041} folder moved successfully.
C:\Users\Rüger\AppData\Local\{6F8DEBAA-3E68-464A-A001-5AABA5A5B793} folder moved successfully.
C:\Users\Rüger\AppData\Local\{70378AD8-F73A-4A73-9AC6-BF6BB67BFFFB} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7180C381-B2CD-4E03-87F3-146B62FA2A52} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7260F5B6-79C3-4BE9-823A-4DDF913F1F79} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7B26EA46-F748-4298-91A1-DCA49E1B4A92} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7B35A3F4-F963-4817-83DF-3436A451F47B} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7BE3A5DD-C83F-4A80-98B1-2563DE048864} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7EC2AAF2-C0E0-4DA7-90ED-3567D36BBCF9} folder moved successfully.
C:\Users\Rüger\AppData\Local\{7F5D340A-CF44-4BD5-BDD9-6612DF12705A} folder moved successfully.
C:\Users\Rüger\AppData\Local\{8077C02E-B356-4B90-B313-40A0791E8F9F} folder moved successfully.
C:\Users\Rüger\AppData\Local\{80EC94E3-C09D-45B0-A28C-F0685EEDD578} folder moved successfully.
C:\Users\Rüger\AppData\Local\{818D76B9-DAD0-46C3-998B-2601D1A5606F} folder moved successfully.
C:\Users\Rüger\AppData\Local\{8217FF58-ED4E-4284-B60A-45B341D2607C} folder moved successfully.
C:\Users\Rüger\AppData\Local\{85BDB59E-84DD-4322-B510-60346A600933} folder moved successfully.
C:\Users\Rüger\AppData\Local\{86278ECA-F0D5-47C9-AB52-C3C1D7FFE2D7} folder moved successfully.
C:\Users\Rüger\AppData\Local\{866157A5-460A-4B07-9FFD-816FCEC0CCB3} folder moved successfully.
C:\Users\Rüger\AppData\Local\{86DD38A2-C8BD-404A-A1BD-907F6B69C913} folder moved successfully.
C:\Users\Rüger\AppData\Local\{86FA00F2-B093-442E-92B4-B42E10396CF6} folder moved successfully.
C:\Users\Rüger\AppData\Local\{8815E1E2-E7D0-43C1-9A04-50F40D818566} folder moved successfully.
C:\Users\Rüger\AppData\Local\{91A66A11-F21C-4024-8E8C-A157E89B4E32} folder moved successfully.
C:\Users\Rüger\AppData\Local\{923761F0-555F-435E-A525-5F3727346C2A} folder moved successfully.
C:\Users\Rüger\AppData\Local\{962F37CD-B00A-4D4F-AEF7-F8AC2D6A2BA2} folder moved successfully.
C:\Users\Rüger\AppData\Local\{97BF1A44-0CF8-40A1-9036-B690E95C5296} folder moved successfully.
C:\Users\Rüger\AppData\Local\{99C07902-E59C-4191-93D9-3A56520C2A20} folder moved successfully.
C:\Users\Rüger\AppData\Local\{9A2C32A3-5B22-4D3B-A6EB-7738EB9A13A0} folder moved successfully.
C:\Users\Rüger\AppData\Local\{9B00171E-79FA-412E-97C2-D24506921F94} folder moved successfully.
C:\Users\Rüger\AppData\Local\{9D5BDA98-2B3B-494D-8D48-961507D4FCF1} folder moved successfully.
C:\Users\Rüger\AppData\Local\{A15C9E63-4876-45B5-9334-ADA45A681677} folder moved successfully.
C:\Users\Rüger\AppData\Local\{A4E972BD-F9F6-453D-B9C3-CF16A613DBC4} folder moved successfully.
C:\Users\Rüger\AppData\Local\{A66F1D6E-238A-4B6D-A96F-41D517C9533A} folder moved successfully.
C:\Users\Rüger\AppData\Local\{A86AABE7-CE39-4464-9875-12F5B4DFEEA6} folder moved successfully.
C:\Users\Rüger\AppData\Local\{A98180CE-1D02-4B78-8FD1-A5D7EBFE25C4} folder moved successfully.
C:\Users\Rüger\AppData\Local\{AC7822EC-7233-451C-B894-5A5F1950C2AA} folder moved successfully.
C:\Users\Rüger\AppData\Local\{ACD7FB51-BC87-48B8-A53C-9F0EE7567281} folder moved successfully.
C:\Users\Rüger\AppData\Local\{ADF3E670-DC31-4ADF-8CAF-71DF508F9F59} folder moved successfully.
C:\Users\Rüger\AppData\Local\{AF150881-7F34-4D35-BC36-4A89A42B58A4} folder moved successfully.
C:\Users\Rüger\AppData\Local\{AF5EC090-F998-49A5-B0FE-C5C6A354373B} folder moved successfully.
C:\Users\Rüger\AppData\Local\{B072CC95-6390-48CD-AE5A-2988EB45014F} folder moved successfully.
C:\Users\Rüger\AppData\Local\{B43B2530-324A-46CF-9679-550C93E90F0E} folder moved successfully.
C:\Users\Rüger\AppData\Local\{BBAAFD00-7A36-478D-89A4-3680B9BF5120} folder moved successfully.
C:\Users\Rüger\AppData\Local\{C2C2A09C-1DED-41BC-A0BE-5932B5ABB6F2} folder moved successfully.
C:\Users\Rüger\AppData\Local\{C4897090-B1DF-41AC-8FAC-5193F58EEC87} folder moved successfully.
C:\Users\Rüger\AppData\Local\{C6090B98-3C14-42AF-9E2D-021456F78504} folder moved successfully.
C:\Users\Rüger\AppData\Local\{CA8C0C9C-4212-49FD-BA03-D5E879318940} folder moved successfully.
C:\Users\Rüger\AppData\Local\{D878B426-97AC-47D1-8E9F-3377111CEB5F} folder moved successfully.
C:\Users\Rüger\AppData\Local\{D8E2D0BE-FE0E-4AA5-99FB-5D1E449BB667} folder moved successfully.
C:\Users\Rüger\AppData\Local\{D93B08A5-7514-439A-B1D0-DAE42FC5BC1A} folder moved successfully.
C:\Users\Rüger\AppData\Local\{DBFBB9FF-F78F-46E0-BA6D-A7A683E8B42A} folder moved successfully.
C:\Users\Rüger\AppData\Local\{E22BD6C4-9785-425C-8061-B067969CC8B5} folder moved successfully.
C:\Users\Rüger\AppData\Local\{E2C82EBC-70E5-4D59-AF5E-1DF8575A1296} folder moved successfully.
C:\Users\Rüger\AppData\Local\{E2C87EBB-EA42-439E-BDC8-C07DA3112C13} folder moved successfully.
C:\Users\Rüger\AppData\Local\{E4FB0E7D-42B5-4CC4-8E8F-F74B9266B509} folder moved successfully.
C:\Users\Rüger\AppData\Local\{E648A7F8-9273-404A-ACCC-162D2B2A606E} folder moved successfully.
C:\Users\Rüger\AppData\Local\{E92131CA-9D21-4E95-B8BE-8B5164B5B910} folder moved successfully.
C:\Users\Rüger\AppData\Local\{F074A979-8515-4B8F-8B58-D966A7BD9858} folder moved successfully.
C:\Users\Rüger\AppData\Local\{F0E3E4CA-7D17-4A00-9CEE-DB1021630E52} folder moved successfully.
C:\Users\Rüger\AppData\Local\{F17CF7E7-B988-4EB3-8023-3F4A01C1B047} folder moved successfully.
C:\Users\Rüger\AppData\Local\{F19E2ACE-6D4E-4273-9DBB-4B3399D19A04} folder moved successfully.
C:\Users\Rüger\AppData\Local\{F51538E0-EDE6-4993-BBDF-89A246AFDE40} folder moved successfully.
C:\Users\Rüger\AppData\Local\{FDEEFBE0-0CA4-4660-9703-D848297C1345} folder moved successfully.
C:\Users\Rüger\AppData\Local\{FE15539B-2EF9-47F6-996D-696AC1F61AC4} folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.006\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.006 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.007\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.007 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.008\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.008 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.009\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.009 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.010\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.010 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.011\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.011 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.012\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.012 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.013\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.013 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.014\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.014 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.015\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.015 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.016\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.016 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.017\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.017 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.018\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.018 folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.019\components folder moved successfully.
C:\Users\Rüger\AppData\Roaming\14001.019 folder moved successfully.
C:\ProgramData\ceisyqggldqqwul moved successfully.
C:\ProgramData\go_0molg.pad moved successfully.
C:\Users\Rüger\AppData\Roaming\kock folder moved successfully.
C:\Users\Rüger\AppData\Roaming\xmldm folder moved successfully.
C:\Users\Rüger\AppData\Roaming\UAs folder moved successfully.
< ipconfig /flushdns /c >
No captured output from command...
C:\Users\Rüger\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 396 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Rüger
->Temp folder emptied: 143507117 bytes
->Temporary Internet Files folder emptied: 82988253 bytes
->Java cache emptied: 5702201 bytes
->FireFox cache emptied: 379012670 bytes
->Google Chrome cache emptied: 8794365 bytes
->Flash cache emptied: 227411 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5647998 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 52524 bytes
RecycleBin emptied: 362072341 bytes
Total Files Cleaned = 942,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.4 log created on 09162012_125921
Files\Folders moved on Reboot...
C:\Users\Rüger\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
16.09.2012, 18:34
| #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | rkit/agent.dfjvZitat:
__________________ |
|
16.09.2012, 21:33
| #18 |
| | rkit/agent.dfjvCode:
ATTFilter 16.09.2012,17:51:21 [FUND] Enthält Erkennungsmuster des Rootkits RKIT/Agent.dfjv!
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe205.dll
[INFO] Benutzer: NT-AUTORITÄT\SYSTEM
[INFO] Der Zugriff auf die Datei wurde verweigert!
Code:
ATTFilter Avira Free Antivirus
Erstellungsdatum der Reportdatei: Sonntag, 16. September 2012 22:51
Es wird nach 4225332 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : Rüger
Computername : RÜGER-PC
Versionsinformationen:
BUILD.DAT : 12.0.0.1199 40869 Bytes 07.09.2012 22:14:00
AVSCAN.EXE : 12.3.0.33 468472 Bytes 08.08.2012 19:30:00
AVSCAN.DLL : 12.3.0.15 66256 Bytes 26.05.2012 12:06:04
LUKE.DLL : 12.3.0.15 68304 Bytes 26.05.2012 12:06:04
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 26.05.2012 12:06:05
AVREG.DLL : 12.3.0.17 232200 Bytes 26.05.2012 12:06:05
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 19:15:33
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 22:05:01
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 08:06:36
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 19:44:26
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 06:05:07
VBASE007.VDF : 7.11.41.251 2048 Bytes 06.09.2012 06:05:07
VBASE008.VDF : 7.11.41.252 2048 Bytes 06.09.2012 06:05:07
VBASE009.VDF : 7.11.41.253 2048 Bytes 06.09.2012 06:05:08
VBASE010.VDF : 7.11.41.254 2048 Bytes 06.09.2012 06:05:08
VBASE011.VDF : 7.11.41.255 2048 Bytes 06.09.2012 06:05:08
VBASE012.VDF : 7.11.42.0 2048 Bytes 06.09.2012 06:05:08
VBASE013.VDF : 7.11.42.1 2048 Bytes 06.09.2012 06:05:08
VBASE014.VDF : 7.11.42.65 203264 Bytes 09.09.2012 12:54:12
VBASE015.VDF : 7.11.42.125 156672 Bytes 11.09.2012 14:44:12
VBASE016.VDF : 7.11.42.171 187904 Bytes 12.09.2012 14:44:16
VBASE017.VDF : 7.11.42.235 141312 Bytes 13.09.2012 14:43:41
VBASE018.VDF : 7.11.43.35 133632 Bytes 15.09.2012 15:12:11
VBASE019.VDF : 7.11.43.36 2048 Bytes 15.09.2012 15:12:11
VBASE020.VDF : 7.11.43.37 2048 Bytes 15.09.2012 15:12:11
VBASE021.VDF : 7.11.43.38 2048 Bytes 15.09.2012 15:12:11
VBASE022.VDF : 7.11.43.39 2048 Bytes 15.09.2012 15:12:11
VBASE023.VDF : 7.11.43.40 2048 Bytes 15.09.2012 15:12:11
VBASE024.VDF : 7.11.43.41 2048 Bytes 15.09.2012 15:12:11
VBASE025.VDF : 7.11.43.42 2048 Bytes 15.09.2012 15:12:11
VBASE026.VDF : 7.11.43.43 2048 Bytes 15.09.2012 15:12:11
VBASE027.VDF : 7.11.43.44 2048 Bytes 15.09.2012 15:12:11
VBASE028.VDF : 7.11.43.45 2048 Bytes 15.09.2012 15:12:11
VBASE029.VDF : 7.11.43.46 2048 Bytes 15.09.2012 15:12:11
VBASE030.VDF : 7.11.43.47 2048 Bytes 15.09.2012 15:12:11
VBASE031.VDF : 7.11.43.60 52224 Bytes 16.09.2012 15:35:14
Engineversion : 8.2.10.162
AEVDF.DLL : 8.1.2.10 102772 Bytes 13.07.2012 14:05:12
AESCRIPT.DLL : 8.1.4.52 459131 Bytes 14.09.2012 14:43:49
AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 20:39:38
AESBX.DLL : 8.2.5.12 606578 Bytes 14.06.2012 18:05:37
AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 21:16:06
AEPACK.DLL : 8.3.0.36 811382 Bytes 14.09.2012 14:43:48
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 20.07.2012 06:42:08
AEHEUR.DLL : 8.1.4.100 5280120 Bytes 14.09.2012 14:43:47
AEHELP.DLL : 8.1.23.2 258422 Bytes 28.06.2012 19:44:24
AEGEN.DLL : 8.1.5.36 434549 Bytes 24.08.2012 12:01:27
AEEXP.DLL : 8.1.0.86 90484 Bytes 08.09.2012 06:16:31
AEEMU.DLL : 8.1.3.2 393587 Bytes 13.07.2012 14:04:23
AECORE.DLL : 8.1.27.4 201078 Bytes 07.08.2012 19:29:26
AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 21:46:01
AVWINLL.DLL : 12.3.0.15 27344 Bytes 26.05.2012 12:06:03
AVPREF.DLL : 12.3.0.15 51920 Bytes 26.05.2012 12:06:04
AVREP.DLL : 12.3.0.15 179208 Bytes 26.05.2012 12:06:05
AVARKT.DLL : 12.3.0.15 211408 Bytes 26.05.2012 12:06:03
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 26.05.2012 12:06:04
SQLITE3.DLL : 3.7.0.1 398288 Bytes 26.05.2012 12:06:05
AVSMTP.DLL : 12.3.0.32 63480 Bytes 08.08.2012 19:30:00
NETNT.DLL : 12.3.0.15 17104 Bytes 26.05.2012 12:06:04
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 08.08.2012 19:29:56
RCTEXT.DLL : 12.3.0.31 100088 Bytes 08.08.2012 19:29:56
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Sonntag, 16. September 2012 22:51
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanionInfo.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanion.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DMREngine.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'clear.fiAgent.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1543' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\Users\Rüger'
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe192.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Gen
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe205.dll
[FUND] Enthält Erkennungsmuster des Rootkits RKIT/Agent.dfjv
C:\Users\Rüger\Downloads\avira_free_antivirus_de870.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Rüger\Downloads\SetupCloneDVD2930.exe
[WARNUNG] Die komprimierten Daten sind fehlerhaft
C:\Users\Rüger\Downloads\wlsetup-all.exe
[0] Archivtyp: Portable Executable Resource
--> P39564799
[1] Archivtyp: CAB (Microsoft)
--> WriterProdLang.7z
[2] Archivtyp: 7-Zip
--> WriterProdLang.cab
[3] Archivtyp: CAB (Microsoft)
--> writerprodlang.msi
[WARNUNG] Die Datei konnte nicht gelesen werden!
--> P7563067
[1] Archivtyp: CAB (Microsoft)
--> LanguageSelector64.7z
[2] Archivtyp: 7-Zip
--> LanguageSelector64.cab
[3] Archivtyp: CAB (Microsoft)
--> LanguageSelector64.msi
[WARNUNG] Die Datei konnte nicht gelesen werden!
Beginne mit der Suche in 'C:\Windows'
Beginne mit der Suche in 'C:\Users\'
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe192.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Gen
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe205.dll
[FUND] Enthält Erkennungsmuster des Rootkits RKIT/Agent.dfjv
C:\Users\Rüger\Downloads\avira_free_antivirus_de870.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Rüger\Downloads\SetupCloneDVD2930.exe
[WARNUNG] Die komprimierten Daten sind fehlerhaft
C:\Users\Rüger\Downloads\wlsetup-all.exe
[0] Archivtyp: Portable Executable Resource
--> P39564799
[1] Archivtyp: CAB (Microsoft)
--> WriterProdLang.7z
[2] Archivtyp: 7-Zip
--> WriterProdLang.cab
[3] Archivtyp: CAB (Microsoft)
--> writerprodlang.msi
[WARNUNG] Die Datei konnte nicht gelesen werden!
--> P7563067
[1] Archivtyp: CAB (Microsoft)
--> LanguageSelector64.7z
[2] Archivtyp: 7-Zip
--> LanguageSelector64.cab
[3] Archivtyp: CAB (Microsoft)
--> LanguageSelector64.msi
[WARNUNG] Die Datei konnte nicht gelesen werden!
Beginne mit der Suche in 'C:\Program Files (x86)'
C:\Program Files (x86)\WinRAR\rarnew.dat
[WARNUNG] Das Archiv ist unbekannt oder defekt
Beginne mit der Desinfektion:
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe205.dll
[FUND] Enthält Erkennungsmuster des Rootkits RKIT/Agent.dfjv
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5577ec3e.qua' verschoben!
C:\Users\Rüger\AppData\Roaming\BAcroIEHelpe192.dll
[FUND] Ist das Trojanische Pferd TR/Spy.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4de0c399.qua' verschoben!
Ende des Suchlaufs: Montag, 17. September 2012 00:03
Benötigte Zeit: 1:10:23 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
34169 Verzeichnisse wurden überprüft
770242 Dateien wurden geprüft
4 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
770238 Dateien ohne Befall
5104 Archive wurden durchsucht
9 Warnungen
2 Hinweise
|
|
17.09.2012, 11:21
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rkit/agent.dfjv Mach bitte einen neuen OTL-Fix, alles wie gehabt und oben beschrieben, nur bitte nimm dieses Fixscript: Code:
ATTFilter :Files
C:\Users\Rüger\AppData\Roaming\*.dll
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.09.2012, 12:26
| #20 |
| | rkit/agent.dfjvCode:
ATTFilter ========== FILES ==========
C:\Users\Rüger\AppData\Roaming\AcroIEHelpe205.dll moved successfully.
OTL by OldTimer - Version 3.2.61.4 log created on 09172012_132459
|
|
17.09.2012, 12:39
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rkit/agent.dfjv Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> rkit/agent.dfjv |
|
17.09.2012, 12:51
| #22 |
| | rkit/agent.dfjvCode:
ATTFilter 13:43:54.0873 2416 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:44:13.0340 2416 ============================================================
13:44:13.0340 2416 Current date / time: 2012/09/17 13:44:13.0340
13:44:13.0340 2416 SystemInfo:
13:44:13.0340 2416
13:44:13.0340 2416 OS Version: 6.1.7601 ServicePack: 1.0
13:44:13.0340 2416 Product type: Workstation
13:44:13.0341 2416 ComputerName: RÜGER-PC
13:44:13.0341 2416 UserName: Rüger
13:44:13.0341 2416 Windows directory: C:\Windows
13:44:13.0341 2416 System windows directory: C:\Windows
13:44:13.0342 2416 Running under WOW64
13:44:13.0342 2416 Processor architecture: Intel x64
13:44:13.0342 2416 Number of processors: 2
13:44:13.0342 2416 Page size: 0x1000
13:44:13.0342 2416 Boot type: Normal boot
13:44:13.0342 2416 ============================================================
13:44:15.0055 2416 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:44:15.0068 2416 ============================================================
13:44:15.0068 2416 \Device\Harddisk0\DR0:
13:44:15.0068 2416 MBR partitions:
13:44:15.0068 2416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F00800, BlocksNum 0x32000
13:44:15.0068 2416 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1F32800, BlocksNum 0x38453000
13:44:15.0068 2416 ============================================================
13:44:15.0091 2416 C: <-> \Device\Harddisk0\DR0\Partition2
13:44:15.0091 2416 ============================================================
13:44:15.0092 2416 Initialize success
13:44:15.0092 2416 ============================================================
13:45:37.0736 3492 ============================================================
13:45:37.0736 3492 Scan started
13:45:37.0736 3492 Mode: Manual; SigCheck; TDLFS;
13:45:37.0736 3492 ============================================================
13:45:38.0984 3492 ================ Scan system memory ========================
13:45:38.0984 3492 System memory - ok
13:45:38.0984 3492 ================ Scan services =============================
13:45:39.0234 3492 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:45:39.0452 3492 1394ohci - ok
13:45:39.0515 3492 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:45:39.0546 3492 ACPI - ok
13:45:39.0593 3492 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:45:39.0749 3492 AcpiPmi - ok
13:45:39.0905 3492 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:45:39.0936 3492 AdobeARMservice - ok
13:45:40.0061 3492 [ 990DC6EDC9F933194D7CD4E65146BC94 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:40.0108 3492 AdobeFlashPlayerUpdateSvc - ok
13:45:40.0170 3492 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:45:40.0217 3492 adp94xx - ok
13:45:40.0232 3492 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:45:40.0264 3492 adpahci - ok
13:45:40.0295 3492 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:45:40.0326 3492 adpu320 - ok
13:45:40.0373 3492 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:45:40.0654 3492 AeLookupSvc - ok
13:45:40.0732 3492 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:45:40.0872 3492 AFD - ok
13:45:40.0919 3492 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:45:40.0950 3492 agp440 - ok
13:45:40.0981 3492 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:45:41.0090 3492 ALG - ok
13:45:41.0106 3492 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:45:41.0137 3492 aliide - ok
13:45:41.0215 3492 [ 0497E13936E43065C85BE3C9CDC0258B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:45:41.0340 3492 AMD External Events Utility - ok
13:45:41.0371 3492 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:45:41.0387 3492 amdide - ok
13:45:41.0434 3492 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:45:41.0496 3492 AmdK8 - ok
13:45:41.0761 3492 [ 679999D8808C1784DCB9BD59C19AE32F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:45:42.0104 3492 amdkmdag - ok
13:45:42.0182 3492 [ A4769EAF3936DA861B9B1C9E5BD2FC52 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:45:42.0260 3492 amdkmdap - ok
13:45:42.0307 3492 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:45:42.0370 3492 AmdPPM - ok
13:45:42.0401 3492 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:45:42.0432 3492 amdsata - ok
13:45:42.0494 3492 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:45:42.0526 3492 amdsbs - ok
13:45:42.0541 3492 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:45:42.0557 3492 amdxata - ok
13:45:42.0650 3492 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:45:42.0697 3492 AntiVirSchedulerService - ok
13:45:42.0728 3492 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:45:42.0760 3492 AntiVirService - ok
13:45:42.0791 3492 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:45:43.0040 3492 AppID - ok
13:45:43.0103 3492 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:45:43.0196 3492 AppIDSvc - ok
13:45:43.0228 3492 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:45:43.0352 3492 Appinfo - ok
13:45:43.0399 3492 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:45:43.0415 3492 arc - ok
13:45:43.0430 3492 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:45:43.0446 3492 arcsas - ok
13:45:43.0477 3492 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:45:43.0571 3492 AsyncMac - ok
13:45:43.0618 3492 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:45:43.0649 3492 atapi - ok
13:45:43.0742 3492 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
13:45:43.0774 3492 AthBTPort - ok
13:45:43.0820 3492 [ 36F78F8342BEAC4F7B3274EF7438E349 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:45:43.0836 3492 AtherosSvc - ok
13:45:43.0961 3492 [ E642491F64E58CD5BC8FB8B347DCF65F ] athr C:\Windows\system32\DRIVERS\athrx.sys
13:45:44.0117 3492 athr - ok
13:45:44.0320 3492 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
13:45:44.0382 3492 AtiHdmiService - ok
13:45:44.0429 3492 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:45:44.0538 3492 AudioEndpointBuilder - ok
13:45:44.0569 3492 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:45:44.0632 3492 AudioSrv - ok
13:45:44.0694 3492 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:45:44.0710 3492 avgntflt - ok
13:45:44.0819 3492 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:45:44.0850 3492 avipbb - ok
13:45:44.0912 3492 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:45:44.0928 3492 avkmgr - ok
13:45:44.0975 3492 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:45:45.0115 3492 AxInstSV - ok
13:45:45.0162 3492 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:45:45.0271 3492 b06bdrv - ok
13:45:45.0302 3492 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:45:45.0365 3492 b57nd60a - ok
13:45:45.0412 3492 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:45:45.0536 3492 BDESVC - ok
13:45:45.0599 3492 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:45:45.0708 3492 Beep - ok
13:45:45.0770 3492 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:45:45.0880 3492 BFE - ok
13:45:45.0958 3492 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
13:45:46.0082 3492 BITS - ok
13:45:46.0145 3492 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:45:46.0192 3492 blbdrive - ok
13:45:46.0254 3492 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:45:46.0348 3492 bowser - ok
13:45:46.0379 3492 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:45:46.0504 3492 BrFiltLo - ok
13:45:46.0504 3492 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:45:46.0535 3492 BrFiltUp - ok
13:45:46.0582 3492 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:45:46.0675 3492 Browser - ok
13:45:46.0691 3492 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:45:46.0816 3492 Brserid - ok
13:45:46.0831 3492 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:45:46.0878 3492 BrSerWdm - ok
13:45:46.0894 3492 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:45:46.0940 3492 BrUsbMdm - ok
13:45:46.0956 3492 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:45:46.0987 3492 BrUsbSer - ok
13:45:47.0081 3492 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
13:45:47.0112 3492 BTATH_A2DP - ok
13:45:47.0143 3492 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
13:45:47.0159 3492 BTATH_BUS - ok
13:45:47.0221 3492 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
13:45:47.0237 3492 BTATH_HCRP - ok
13:45:47.0268 3492 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
13:45:47.0284 3492 BTATH_LWFLT - ok
13:45:47.0299 3492 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
13:45:47.0330 3492 BTATH_RCP - ok
13:45:47.0393 3492 [ DCE0798FD5BB4E452227EC58700956F5 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
13:45:47.0424 3492 BtFilter - ok
13:45:47.0486 3492 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:45:47.0627 3492 BthEnum - ok
13:45:47.0658 3492 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:45:47.0705 3492 BTHMODEM - ok
13:45:47.0752 3492 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:45:47.0783 3492 BthPan - ok
13:45:47.0814 3492 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:45:47.0908 3492 BTHPORT - ok
13:45:47.0939 3492 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:45:48.0032 3492 bthserv - ok
13:45:48.0064 3492 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:45:48.0126 3492 BTHUSB - ok
13:45:48.0157 3492 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:45:48.0251 3492 cdfs - ok
13:45:48.0298 3492 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:45:48.0391 3492 cdrom - ok
13:45:48.0438 3492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:45:48.0500 3492 CertPropSvc - ok
13:45:48.0547 3492 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:45:48.0594 3492 circlass - ok
13:45:48.0656 3492 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:45:48.0688 3492 CLFS - ok
13:45:48.0781 3492 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:45:48.0812 3492 clr_optimization_v2.0.50727_32 - ok
13:45:48.0859 3492 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:45:48.0890 3492 clr_optimization_v2.0.50727_64 - ok
13:45:48.0984 3492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:45:49.0031 3492 clr_optimization_v4.0.30319_32 - ok
13:45:49.0109 3492 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:45:49.0156 3492 clr_optimization_v4.0.30319_64 - ok
13:45:49.0218 3492 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:45:49.0265 3492 CmBatt - ok
13:45:49.0343 3492 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:45:49.0374 3492 cmdide - ok
13:45:49.0452 3492 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:45:49.0530 3492 CNG - ok
13:45:49.0608 3492 [ 9F005CED6A6A11AECC536FDAA17E7A04 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
13:45:49.0702 3492 CnxtHdAudService - ok
13:45:49.0733 3492 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:45:49.0748 3492 Compbatt - ok
13:45:49.0795 3492 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:45:49.0858 3492 CompositeBus - ok
13:45:49.0858 3492 COMSysApp - ok
13:45:49.0889 3492 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:45:49.0920 3492 crcdisk - ok
13:45:49.0967 3492 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:45:50.0060 3492 CryptSvc - ok
13:45:50.0170 3492 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:45:50.0216 3492 cvhsvc - ok
13:45:50.0279 3492 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
13:45:50.0310 3492 CxAudMsg - ok
13:45:50.0341 3492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:45:50.0450 3492 DcomLaunch - ok
13:45:50.0497 3492 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:45:50.0575 3492 defragsvc - ok
13:45:50.0653 3492 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:45:50.0731 3492 DfsC - ok
13:45:50.0762 3492 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:45:50.0856 3492 Dhcp - ok
13:45:50.0918 3492 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:45:51.0012 3492 discache - ok
13:45:51.0074 3492 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:45:51.0106 3492 Disk - ok
13:45:51.0137 3492 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:45:51.0199 3492 Dnscache - ok
13:45:51.0230 3492 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:45:51.0324 3492 dot3svc - ok
13:45:51.0371 3492 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:45:51.0464 3492 DPS - ok
13:45:51.0511 3492 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:45:51.0558 3492 drmkaud - ok
13:45:51.0683 3492 [ 4AB2A58816CC6BE771F1D8C768B804C5 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
13:45:51.0730 3492 DsiWMIService - ok
13:45:51.0808 3492 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:45:51.0886 3492 DXGKrnl - ok
13:45:51.0917 3492 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:45:52.0010 3492 EapHost - ok
13:45:52.0104 3492 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:45:52.0260 3492 ebdrv - ok
13:45:52.0307 3492 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:45:52.0432 3492 EFS - ok
13:45:52.0478 3492 [ 03E6888DA1A85ACF14AC2A3C328A9E62 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
13:45:52.0510 3492 EgisTec Ticket Service - ok
13:45:52.0634 3492 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:45:52.0775 3492 ehRecvr - ok
13:45:52.0806 3492 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:45:52.0837 3492 ehSched - ok
13:45:52.0900 3492 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:45:52.0931 3492 elxstor - ok
13:45:53.0056 3492 [ EB1C213A8550F066B2CCC29C9F41E2AE ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
13:45:53.0118 3492 ePowerSvc - ok
13:45:53.0134 3492 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:45:53.0180 3492 ErrDev - ok
13:45:53.0243 3492 [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD C:\Windows\system32\DRIVERS\ETD.sys
13:45:53.0258 3492 ETD - ok
13:45:53.0305 3492 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:45:53.0399 3492 EventSystem - ok
13:45:53.0492 3492 [ 251AF86E0A4DDF3A6B181ED5103B06B1 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
13:45:53.0586 3492 ewusbnet - ok
13:45:53.0602 3492 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:45:53.0711 3492 exfat - ok
13:45:53.0758 3492 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:45:53.0851 3492 fastfat - ok
13:45:53.0929 3492 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:45:54.0038 3492 Fax - ok
13:45:54.0054 3492 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:45:54.0101 3492 fdc - ok
13:45:54.0148 3492 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:45:54.0226 3492 fdPHost - ok
13:45:54.0241 3492 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:45:54.0335 3492 FDResPub - ok
13:45:54.0382 3492 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:45:54.0397 3492 FileInfo - ok
13:45:54.0428 3492 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:45:54.0522 3492 Filetrace - ok
13:45:54.0600 3492 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:45:54.0631 3492 FLEXnet Licensing Service - ok
13:45:54.0662 3492 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:45:54.0709 3492 flpydisk - ok
13:45:54.0740 3492 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:45:54.0772 3492 FltMgr - ok
13:45:54.0834 3492 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:45:54.0959 3492 FontCache - ok
13:45:55.0052 3492 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:45:55.0084 3492 FontCache3.0.0.0 - ok
13:45:55.0115 3492 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:45:55.0146 3492 FsDepends - ok
13:45:55.0224 3492 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:45:55.0240 3492 fssfltr - ok
13:45:55.0380 3492 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:45:55.0474 3492 fsssvc - ok
13:45:55.0520 3492 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:45:55.0536 3492 Fs_Rec - ok
13:45:55.0583 3492 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:45:55.0614 3492 fvevol - ok
13:45:55.0661 3492 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:45:55.0676 3492 gagp30kx - ok
13:45:55.0739 3492 [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
13:45:55.0770 3492 ggflt - ok
13:45:55.0817 3492 [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
13:45:55.0832 3492 ggsemc - ok
13:45:55.0910 3492 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:45:56.0020 3492 gpsvc - ok
13:45:56.0082 3492 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
13:45:56.0098 3492 GREGService - ok
13:45:56.0207 3492 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:45:56.0254 3492 gupdate - ok
13:45:56.0300 3492 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:45:56.0316 3492 gupdatem - ok
13:45:56.0363 3492 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:45:56.0441 3492 hcw85cir - ok
13:45:56.0503 3492 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:45:56.0550 3492 HdAudAddService - ok
13:45:56.0628 3492 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:45:56.0675 3492 HDAudBus - ok
13:45:56.0737 3492 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:45:56.0768 3492 HidBatt - ok
13:45:56.0800 3492 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:45:56.0846 3492 HidBth - ok
13:45:56.0862 3492 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:45:56.0893 3492 HidIr - ok
13:45:56.0924 3492 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:45:57.0018 3492 hidserv - ok
13:45:57.0049 3492 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:45:57.0080 3492 HidUsb - ok
13:45:57.0143 3492 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro36 C:\Windows\system32\drivers\hitmanpro36.sys
13:45:57.0190 3492 hitmanpro36 - ok
13:45:57.0221 3492 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:45:57.0283 3492 hkmsvc - ok
13:45:57.0330 3492 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:45:57.0392 3492 HomeGroupListener - ok
13:45:57.0424 3492 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:45:57.0486 3492 HomeGroupProvider - ok
13:45:57.0517 3492 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:45:57.0548 3492 HpSAMD - ok
13:45:57.0611 3492 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:45:57.0736 3492 HTTP - ok
13:45:57.0767 3492 [ 4B5C07DB91A0099272FAAE732E1152BD ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
13:45:57.0829 3492 hwdatacard - ok
13:45:57.0892 3492 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:45:57.0907 3492 hwpolicy - ok
13:45:57.0985 3492 [ 9C13A2691AC410CC7469F298684DCA5D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
13:45:58.0048 3492 hwusbfake - ok
13:45:58.0094 3492 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:45:58.0126 3492 i8042prt - ok
13:45:58.0157 3492 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:45:58.0188 3492 iaStorV - ok
13:45:58.0235 3492 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:45:58.0313 3492 idsvc - ok
13:45:58.0344 3492 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:45:58.0375 3492 iirsp - ok
13:45:58.0406 3492 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:45:58.0531 3492 IKEEXT - ok
13:45:58.0562 3492 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:45:58.0578 3492 intelide - ok
13:45:58.0594 3492 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:45:58.0640 3492 intelppm - ok
13:45:58.0672 3492 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:45:58.0765 3492 IPBusEnum - ok
13:45:58.0796 3492 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:45:58.0890 3492 IpFilterDriver - ok
13:45:58.0952 3492 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:45:59.0077 3492 iphlpsvc - ok
13:45:59.0108 3492 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:45:59.0155 3492 IPMIDRV - ok
13:45:59.0202 3492 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:45:59.0296 3492 IPNAT - ok
13:45:59.0311 3492 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:45:59.0436 3492 IRENUM - ok
13:45:59.0452 3492 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:45:59.0467 3492 isapnp - ok
13:45:59.0514 3492 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:45:59.0545 3492 iScsiPrt - ok
13:45:59.0592 3492 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:45:59.0608 3492 kbdclass - ok
13:45:59.0654 3492 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:45:59.0670 3492 kbdhid - ok
13:45:59.0701 3492 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:45:59.0732 3492 KeyIso - ok
13:45:59.0764 3492 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:45:59.0795 3492 KSecDD - ok
13:45:59.0810 3492 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:45:59.0842 3492 KSecPkg - ok
13:45:59.0904 3492 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:45:59.0982 3492 ksthunk - ok
13:46:00.0044 3492 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:46:00.0138 3492 KtmRm - ok
13:46:00.0185 3492 [ 0E154DA6CA9105354A07D0C576804037 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
13:46:00.0216 3492 L1C - ok
13:46:00.0278 3492 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:46:00.0388 3492 LanmanServer - ok
13:46:00.0419 3492 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:00.0512 3492 LanmanWorkstation - ok
13:46:00.0590 3492 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
13:46:00.0606 3492 Live Updater Service - ok
13:46:00.0668 3492 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:46:00.0746 3492 lltdio - ok
13:46:00.0793 3492 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:46:00.0887 3492 lltdsvc - ok
13:46:00.0902 3492 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:46:00.0980 3492 lmhosts - ok
13:46:00.0996 3492 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:46:01.0027 3492 LSI_FC - ok
13:46:01.0043 3492 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:46:01.0074 3492 LSI_SAS - ok
13:46:01.0074 3492 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:46:01.0105 3492 LSI_SAS2 - ok
13:46:01.0121 3492 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:46:01.0152 3492 LSI_SCSI - ok
13:46:01.0199 3492 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:46:01.0292 3492 luafv - ok
13:46:01.0339 3492 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:46:01.0386 3492 Mcx2Svc - ok
13:46:01.0402 3492 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:46:01.0417 3492 megasas - ok
13:46:01.0464 3492 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:46:01.0511 3492 MegaSR - ok
13:46:01.0542 3492 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:46:01.0636 3492 MMCSS - ok
13:46:01.0651 3492 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:46:01.0729 3492 Modem - ok
13:46:01.0776 3492 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:46:01.0823 3492 monitor - ok
13:46:01.0870 3492 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:46:01.0901 3492 mouclass - ok
13:46:01.0932 3492 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:46:01.0979 3492 mouhid - ok
13:46:02.0010 3492 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:46:02.0041 3492 mountmgr - ok
13:46:02.0104 3492 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:46:02.0135 3492 MozillaMaintenance - ok
13:46:02.0150 3492 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:46:02.0182 3492 mpio - ok
13:46:02.0213 3492 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:46:02.0275 3492 mpsdrv - ok
13:46:02.0322 3492 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:46:02.0447 3492 MpsSvc - ok
13:46:02.0494 3492 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:46:02.0556 3492 MRxDAV - ok
13:46:02.0618 3492 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:02.0712 3492 mrxsmb - ok
13:46:02.0790 3492 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:02.0852 3492 mrxsmb10 - ok
13:46:02.0884 3492 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:02.0930 3492 mrxsmb20 - ok
13:46:02.0977 3492 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:46:02.0993 3492 msahci - ok
13:46:03.0024 3492 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:46:03.0055 3492 msdsm - ok
13:46:03.0102 3492 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:46:03.0133 3492 MSDTC - ok
13:46:03.0180 3492 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:46:03.0242 3492 Msfs - ok
13:46:03.0258 3492 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:46:03.0336 3492 mshidkmdf - ok
13:46:03.0352 3492 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:46:03.0383 3492 msisadrv - ok
13:46:03.0414 3492 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:46:03.0523 3492 MSiSCSI - ok
13:46:03.0539 3492 msiserver - ok
13:46:03.0554 3492 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:46:03.0632 3492 MSKSSRV - ok
13:46:03.0632 3492 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:03.0726 3492 MSPCLOCK - ok
13:46:03.0726 3492 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:46:03.0804 3492 MSPQM - ok
13:46:03.0851 3492 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:46:03.0882 3492 MsRPC - ok
13:46:03.0944 3492 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:46:03.0960 3492 mssmbios - ok
13:46:03.0976 3492 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:46:04.0054 3492 MSTEE - ok
13:46:04.0069 3492 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:46:04.0100 3492 MTConfig - ok
13:46:04.0147 3492 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:46:04.0163 3492 Mup - ok
13:46:04.0225 3492 [ 9B1EAC6FAF6F37305E822F5588DC8056 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
13:46:04.0241 3492 mwlPSDFilter - ok
13:46:04.0256 3492 [ AD55C1524B296280ED9C6E0D730D35DA ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
13:46:04.0272 3492 mwlPSDNServ - ok
13:46:04.0288 3492 [ 2B599E6EC8843637BDD62E7F8F3BA201 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
13:46:04.0319 3492 mwlPSDVDisk - ok
13:46:04.0350 3492 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:46:04.0444 3492 napagent - ok
13:46:04.0490 3492 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:46:04.0553 3492 NativeWifiP - ok
13:46:04.0615 3492 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:46:04.0693 3492 NDIS - ok
13:46:04.0709 3492 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:46:04.0787 3492 NdisCap - ok
13:46:04.0818 3492 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:04.0880 3492 NdisTapi - ok
13:46:04.0912 3492 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:05.0005 3492 Ndisuio - ok
13:46:05.0036 3492 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:05.0130 3492 NdisWan - ok
13:46:05.0192 3492 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:46:05.0286 3492 NDProxy - ok
13:46:05.0333 3492 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:46:05.0411 3492 NetBIOS - ok
13:46:05.0473 3492 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:46:05.0567 3492 NetBT - ok
13:46:05.0582 3492 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:46:05.0614 3492 Netlogon - ok
13:46:05.0660 3492 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:46:05.0754 3492 Netman - ok
13:46:05.0770 3492 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:46:05.0863 3492 netprofm - ok
13:46:05.0910 3492 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:46:05.0941 3492 NetTcpPortSharing - ok
13:46:05.0988 3492 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:46:06.0019 3492 nfrd960 - ok
13:46:06.0050 3492 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:46:06.0144 3492 NlaSvc - ok
13:46:06.0191 3492 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:46:06.0269 3492 Npfs - ok
13:46:06.0284 3492 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:46:06.0347 3492 nsi - ok
13:46:06.0378 3492 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:46:06.0456 3492 nsiproxy - ok
13:46:06.0550 3492 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:46:06.0674 3492 Ntfs - ok
13:46:06.0737 3492 [ 773EED20BBF50809437373C0285BFA5E ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
13:46:06.0784 3492 NTI IScheduleSvc - ok
13:46:06.0846 3492 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
13:46:06.0877 3492 NTIDrvr - ok
13:46:06.0893 3492 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:46:06.0986 3492 Null - ok
13:46:07.0033 3492 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:46:07.0049 3492 nvraid - ok
13:46:07.0080 3492 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:46:07.0111 3492 nvstor - ok
13:46:07.0127 3492 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:46:07.0158 3492 nv_agp - ok
13:46:07.0174 3492 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:46:07.0236 3492 ohci1394 - ok
13:46:07.0283 3492 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:07.0298 3492 ose - ok
13:46:07.0470 3492 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:46:07.0704 3492 osppsvc - ok
13:46:07.0751 3492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:46:07.0829 3492 p2pimsvc - ok
13:46:07.0844 3492 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:46:07.0891 3492 p2psvc - ok
13:46:07.0922 3492 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:46:07.0954 3492 Parport - ok
13:46:08.0000 3492 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:46:08.0016 3492 partmgr - ok
13:46:08.0032 3492 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:46:08.0094 3492 PcaSvc - ok
13:46:08.0125 3492 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:46:08.0156 3492 pci - ok
13:46:08.0203 3492 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:46:08.0250 3492 pciide - ok
13:46:08.0266 3492 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:46:08.0297 3492 pcmcia - ok
13:46:08.0312 3492 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:46:08.0344 3492 pcw - ok
13:46:08.0359 3492 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:46:08.0453 3492 PEAUTH - ok
13:46:08.0578 3492 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:46:08.0640 3492 PerfHost - ok
13:46:08.0734 3492 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:46:08.0874 3492 pla - ok
13:46:08.0921 3492 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:46:08.0999 3492 PlugPlay - ok
13:46:09.0030 3492 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:46:09.0061 3492 PNRPAutoReg - ok
13:46:09.0092 3492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:46:09.0124 3492 PNRPsvc - ok
13:46:09.0155 3492 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:46:09.0248 3492 PolicyAgent - ok
13:46:09.0280 3492 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:46:09.0373 3492 Power - ok
13:46:09.0420 3492 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:46:09.0498 3492 PptpMiniport - ok
13:46:09.0545 3492 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:46:09.0576 3492 Processor - ok
13:46:09.0623 3492 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:46:09.0670 3492 ProfSvc - ok
13:46:09.0701 3492 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:09.0716 3492 ProtectedStorage - ok
13:46:09.0763 3492 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:46:09.0857 3492 Psched - ok
13:46:09.0919 3492 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:46:10.0044 3492 ql2300 - ok
13:46:10.0060 3492 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:46:10.0091 3492 ql40xx - ok
13:46:10.0122 3492 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:46:10.0153 3492 QWAVE - ok
13:46:10.0184 3492 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:46:10.0231 3492 QWAVEdrv - ok
13:46:10.0231 3492 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:46:10.0309 3492 RasAcd - ok
13:46:10.0356 3492 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:46:10.0434 3492 RasAgileVpn - ok
13:46:10.0450 3492 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:46:10.0543 3492 RasAuto - ok
13:46:10.0590 3492 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:10.0699 3492 Rasl2tp - ok
13:46:10.0746 3492 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:46:10.0840 3492 RasMan - ok
13:46:10.0886 3492 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:10.0949 3492 RasPppoe - ok
13:46:10.0964 3492 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:46:11.0058 3492 RasSstp - ok
13:46:11.0105 3492 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:46:11.0198 3492 rdbss - ok
13:46:11.0230 3492 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:46:11.0276 3492 rdpbus - ok
13:46:11.0308 3492 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:11.0401 3492 RDPCDD - ok
13:46:11.0432 3492 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:46:11.0510 3492 RDPENCDD - ok
13:46:11.0542 3492 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:46:11.0604 3492 RDPREFMP - ok
13:46:11.0651 3492 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:46:11.0729 3492 RDPWD - ok
13:46:11.0776 3492 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:46:11.0807 3492 rdyboost - ok
13:46:11.0854 3492 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:46:11.0932 3492 RemoteAccess - ok
13:46:11.0947 3492 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:46:12.0041 3492 RemoteRegistry - ok
13:46:12.0119 3492 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:46:12.0166 3492 RFCOMM - ok
13:46:12.0197 3492 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:46:12.0259 3492 RpcEptMapper - ok
13:46:12.0306 3492 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:46:12.0353 3492 RpcLocator - ok
13:46:12.0384 3492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:46:12.0478 3492 RpcSs - ok
13:46:12.0509 3492 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:46:12.0587 3492 rspndr - ok
13:46:12.0649 3492 [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
13:46:12.0680 3492 RSUSBSTOR - ok
13:46:12.0743 3492 [ 032F537623A7B2FB81AAA184C30B70C3 ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
13:46:12.0790 3492 s0017bus - ok
13:46:12.0868 3492 [ 9964A28E569B4FF105B446EF8978FD5C ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
13:46:12.0899 3492 s0017mdfl - ok
13:46:12.0946 3492 [ 06347087D274C23DCFA8C4AB5C4314DB ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
13:46:12.0961 3492 s0017mdm - ok
13:46:13.0024 3492 [ F0F0747B3FA50272DE6B1BF575FA4700 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
13:46:13.0039 3492 s0017mgmt - ok
13:46:13.0117 3492 [ 7224412CEA2FF2DF7D4842C1B0E71045 ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
13:46:13.0148 3492 s0017nd5 - ok
13:46:13.0180 3492 [ 3FEADBC7F09B8B596CBFB82F12ABA87F ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
13:46:13.0195 3492 s0017obex - ok
13:46:13.0242 3492 [ 2B63BEA31D939888B2A8F3F14D89B5C1 ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
13:46:13.0289 3492 s0017unic - ok
13:46:13.0320 3492 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:46:13.0351 3492 SamSs - ok
13:46:13.0382 3492 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:46:13.0414 3492 sbp2port - ok
13:46:13.0445 3492 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:46:13.0538 3492 SCardSvr - ok
13:46:13.0570 3492 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:46:13.0663 3492 scfilter - ok
13:46:13.0726 3492 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:46:13.0882 3492 Schedule - ok
13:46:13.0928 3492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:46:14.0006 3492 SCPolicySvc - ok
13:46:14.0038 3492 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:46:14.0100 3492 SDRSVC - ok
13:46:14.0162 3492 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:46:14.0256 3492 secdrv - ok
13:46:14.0303 3492 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:46:14.0381 3492 seclogon - ok
13:46:14.0428 3492 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:46:14.0537 3492 SENS - ok
13:46:14.0568 3492 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:46:14.0662 3492 SensrSvc - ok
13:46:14.0693 3492 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:46:14.0708 3492 Serenum - ok
13:46:14.0740 3492 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:46:14.0786 3492 Serial - ok
13:46:14.0818 3492 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:46:14.0833 3492 sermouse - ok
13:46:14.0880 3492 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:46:14.0958 3492 SessionEnv - ok
13:46:14.0989 3492 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:46:15.0098 3492 sffdisk - ok
13:46:15.0114 3492 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:46:15.0161 3492 sffp_mmc - ok
13:46:15.0192 3492 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:46:15.0239 3492 sffp_sd - ok
13:46:15.0286 3492 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:46:15.0317 3492 sfloppy - ok
13:46:15.0395 3492 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
13:46:15.0457 3492 Sftfs - ok
13:46:15.0520 3492 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:46:15.0582 3492 sftlist - ok
13:46:15.0644 3492 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:46:15.0676 3492 Sftplay - ok
13:46:15.0691 3492 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:46:15.0707 3492 Sftredir - ok
13:46:15.0722 3492 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
13:46:15.0738 3492 Sftvol - ok
13:46:15.0785 3492 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:46:15.0800 3492 sftvsa - ok
13:46:15.0863 3492 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:46:15.0972 3492 SharedAccess - ok
13:46:16.0003 3492 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:16.0097 3492 ShellHWDetection - ok
13:46:16.0144 3492 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:46:16.0175 3492 SiSRaid2 - ok
13:46:16.0175 3492 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:46:16.0206 3492 SiSRaid4 - ok
13:46:16.0346 3492 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:46:16.0378 3492 SkypeUpdate - ok
13:46:16.0393 3492 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:46:16.0471 3492 Smb - ok
13:46:16.0534 3492 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:46:16.0596 3492 SNMPTRAP - ok
13:46:16.0752 3492 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
13:46:16.0768 3492 Sony PC Companion - ok
13:46:16.0783 3492 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:46:16.0799 3492 spldr - ok
13:46:16.0846 3492 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:46:16.0955 3492 Spooler - ok
13:46:17.0080 3492 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:46:17.0282 3492 sppsvc - ok
13:46:17.0360 3492 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:46:17.0454 3492 sppuinotify - ok
13:46:17.0516 3492 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:46:17.0610 3492 srv - ok
13:46:17.0672 3492 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:46:17.0735 3492 srv2 - ok
13:46:17.0766 3492 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:46:17.0828 3492 srvnet - ok
13:46:17.0891 3492 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:46:18.0016 3492 SSDPSRV - ok
13:46:18.0016 3492 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:46:18.0094 3492 SstpSvc - ok
13:46:18.0140 3492 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:46:18.0156 3492 stexstor - ok
13:46:18.0203 3492 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:46:18.0281 3492 stisvc - ok
13:46:18.0328 3492 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:46:18.0359 3492 swenum - ok
13:46:18.0390 3492 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:46:18.0484 3492 swprv - ok
13:46:18.0577 3492 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:46:18.0702 3492 SysMain - ok
13:46:18.0749 3492 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:18.0796 3492 TabletInputService - ok
13:46:18.0858 3492 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:46:18.0967 3492 TapiSrv - ok
13:46:19.0014 3492 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:46:19.0076 3492 TBS - ok
13:46:19.0154 3492 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:46:19.0248 3492 Tcpip - ok
13:46:19.0295 3492 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:46:19.0357 3492 TCPIP6 - ok
13:46:19.0420 3492 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:46:19.0529 3492 tcpipreg - ok
13:46:19.0576 3492 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:46:19.0685 3492 TDPIPE - ok
13:46:19.0700 3492 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:46:19.0747 3492 TDTCP - ok
13:46:19.0778 3492 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:46:19.0857 3492 tdx - ok
13:46:19.0935 3492 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:46:19.0966 3492 TermDD - ok
13:46:20.0028 3492 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:46:20.0137 3492 TermService - ok
13:46:20.0169 3492 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:46:20.0231 3492 Themes - ok
13:46:20.0262 3492 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:46:20.0340 3492 THREADORDER - ok
13:46:20.0356 3492 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:46:20.0449 3492 TrkWks - ok
13:46:20.0527 3492 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:20.0637 3492 TrustedInstaller - ok
13:46:20.0683 3492 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:20.0761 3492 tssecsrv - ok
13:46:20.0793 3492 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:46:20.0871 3492 TsUsbFlt - ok
13:46:20.0933 3492 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:46:21.0042 3492 tunnel - ok
13:46:21.0089 3492 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:46:21.0120 3492 uagp35 - ok
13:46:21.0167 3492 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
13:46:21.0198 3492 UBHelper - ok
13:46:21.0261 3492 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:46:21.0354 3492 udfs - ok
13:46:21.0417 3492 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:46:21.0448 3492 UI0Detect - ok
13:46:21.0463 3492 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:46:21.0495 3492 uliagpkx - ok
13:46:21.0526 3492 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:46:21.0573 3492 umbus - ok
13:46:21.0619 3492 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:46:21.0666 3492 UmPass - ok
13:46:21.0697 3492 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:46:21.0791 3492 upnphost - ok
13:46:21.0838 3492 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:21.0916 3492 usbccgp - ok
13:46:21.0947 3492 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:46:21.0994 3492 usbcir - ok
13:46:22.0041 3492 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:46:22.0087 3492 usbehci - ok
13:46:22.0134 3492 [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
13:46:22.0150 3492 usbfilter - ok
13:46:22.0181 3492 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:46:22.0243 3492 usbhub - ok
13:46:22.0275 3492 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:46:22.0306 3492 usbohci - ok
13:46:22.0337 3492 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:46:22.0415 3492 usbprint - ok
13:46:22.0431 3492 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:22.0540 3492 USBSTOR - ok
13:46:22.0571 3492 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:46:22.0618 3492 usbuhci - ok
13:46:22.0665 3492 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:46:22.0696 3492 usbvideo - ok
13:46:22.0727 3492 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:46:22.0821 3492 UxSms - ok
13:46:22.0836 3492 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:46:22.0867 3492 VaultSvc - ok
13:46:22.0899 3492 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:46:22.0914 3492 vdrvroot - ok
13:46:22.0961 3492 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:46:23.0070 3492 vds - ok
13:46:23.0117 3492 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:23.0148 3492 vga - ok
13:46:23.0164 3492 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:46:23.0257 3492 VgaSave - ok
13:46:23.0304 3492 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:46:23.0335 3492 vhdmp - ok
13:46:23.0367 3492 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:46:23.0382 3492 viaide - ok
13:46:23.0413 3492 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:46:23.0445 3492 volmgr - ok
13:46:23.0507 3492 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:46:23.0538 3492 volmgrx - ok
13:46:23.0616 3492 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:46:23.0663 3492 volsnap - ok
13:46:23.0694 3492 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:46:23.0741 3492 vsmraid - ok
13:46:23.0819 3492 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:46:23.0975 3492 VSS - ok
13:46:24.0006 3492 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:46:24.0053 3492 vwifibus - ok
13:46:24.0100 3492 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:46:24.0147 3492 vwififlt - ok
13:46:24.0209 3492 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
13:46:24.0271 3492 vwifimp - ok
13:46:24.0318 3492 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:46:24.0396 3492 W32Time - ok
13:46:24.0427 3492 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:46:24.0443 3492 WacomPen - ok
13:46:24.0474 3492 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:46:24.0568 3492 WANARP - ok
13:46:24.0583 3492 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:46:24.0646 3492 Wanarpv6 - ok
13:46:24.0724 3492 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:46:24.0849 3492 wbengine - ok
13:46:24.0880 3492 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:46:24.0927 3492 WbioSrvc - ok
13:46:24.0958 3492 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:46:25.0020 3492 wcncsvc - ok
13:46:25.0051 3492 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:25.0145 3492 WcsPlugInService - ok
13:46:25.0176 3492 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:46:25.0192 3492 Wd - ok
13:46:25.0254 3492 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:46:25.0285 3492 Wdf01000 - ok
13:46:25.0317 3492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:46:25.0473 3492 WdiServiceHost - ok
13:46:25.0473 3492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:46:25.0519 3492 WdiSystemHost - ok
13:46:25.0551 3492 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:46:25.0629 3492 WebClient - ok
13:46:25.0660 3492 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:46:25.0769 3492 Wecsvc - ok
13:46:25.0800 3492 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:46:25.0894 3492 wercplsupport - ok
13:46:25.0925 3492 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:46:26.0019 3492 WerSvc - ok
13:46:26.0050 3492 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:46:26.0128 3492 WfpLwf - ok
13:46:26.0159 3492 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:46:26.0175 3492 WIMMount - ok
13:46:26.0221 3492 WinDefend - ok
13:46:26.0237 3492 WinHttpAutoProxySvc - ok
13:46:26.0331 3492 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:46:26.0424 3492 Winmgmt - ok
13:46:26.0518 3492 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:46:26.0674 3492 WinRM - ok
13:46:26.0752 3492 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:46:26.0783 3492 WinUsb - ok
13:46:26.0830 3492 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:46:26.0939 3492 Wlansvc - ok
13:46:27.0017 3492 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:46:27.0064 3492 wlcrasvc - ok
13:46:27.0189 3492 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:46:27.0298 3492 wlidsvc - ok
13:46:27.0360 3492 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:46:27.0407 3492 WmiAcpi - ok
13:46:27.0469 3492 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:46:27.0532 3492 wmiApSrv - ok
13:46:27.0579 3492 WMPNetworkSvc - ok
13:46:27.0610 3492 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:46:27.0657 3492 WPCSvc - ok
13:46:27.0719 3492 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:46:27.0781 3492 WPDBusEnum - ok
13:46:27.0813 3492 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:46:27.0906 3492 ws2ifsl - ok
13:46:27.0937 3492 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:46:28.0000 3492 wscsvc - ok
13:46:28.0015 3492 WSearch - ok
13:46:28.0109 3492 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:46:28.0234 3492 wuauserv - ok
13:46:28.0249 3492 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:46:28.0343 3492 WudfPf - ok
13:46:28.0390 3492 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:28.0468 3492 WUDFRd - ok
13:46:28.0499 3492 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:46:28.0561 3492 wudfsvc - ok
13:46:28.0608 3492 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:46:28.0686 3492 WwanSvc - ok
13:46:28.0795 3492 ================ Scan global ===============================
13:46:28.0842 3492 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:46:28.0889 3492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:46:28.0905 3492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:46:28.0936 3492 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:46:28.0983 3492 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:46:28.0983 3492 [Global] - ok
13:46:28.0983 3492 ================ Scan MBR ==================================
13:46:29.0014 3492 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:46:29.0638 3492 \Device\Harddisk0\DR0 - ok
13:46:29.0653 3492 ================ Scan VBR ==================================
13:46:29.0653 3492 [ 01B323FC6F8E56E3ABDAD913BDB6A771 ] \Device\Harddisk0\DR0\Partition1
13:46:29.0669 3492 \Device\Harddisk0\DR0\Partition1 - ok
13:46:29.0700 3492 [ 4AEB76993404458AFB64312F74412209 ] \Device\Harddisk0\DR0\Partition2
13:46:29.0716 3492 \Device\Harddisk0\DR0\Partition2 - ok
13:46:29.0716 3492 ============================================================
13:46:29.0716 3492 Scan finished
13:46:29.0716 3492 ============================================================
13:46:29.0731 3436 Detected object count: 0
13:46:29.0731 3436 Actual detected object count: 0
13:48:08.0979 1944 Deinitialize success
|
|
17.09.2012, 14:36
| #23 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rkit/agent.dfjv Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2012, 16:31
| #24 |
| | rkit/agent.dfjvCode:
ATTFilter ComboFix 12-09-16.01 - Rüger 17.09.2012 17:16:05.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3819.2484 [GMT 2:00]
ausgeführt von:: c:\users\R³ger\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\Rüger\AppData\Roaming\AcroIEHelpe.txt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-17 bis 2012-09-17 ))))))))))))))))))))))))))))))
.
.
2012-09-17 15:25 . 2012-09-17 15:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-17 15:23 . 2012-09-17 15:23 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7C80D53-F1C7-4163-BEA5-68D2D9CF68C8}\offreg.dll
2012-09-16 10:59 . 2012-09-16 10:59 -------- d-----w- C:\_OTL
2012-09-15 08:07 . 2012-09-15 08:07 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-09-15 08:07 . 2012-09-15 08:07 -------- d-----r- c:\program files (x86)\Skype
2012-09-14 06:57 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7C80D53-F1C7-4163-BEA5-68D2D9CF68C8}\mpengine.dll
2012-09-12 17:44 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 17:44 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 17:44 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 17:44 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 17:44 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 17:44 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 17:44 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 19:57 . 2012-09-11 19:57 -------- d-----w- c:\program files (x86)\ESET
2012-09-07 21:31 . 2012-09-07 21:31 -------- d-----w- c:\users\Rüger\AppData\Roaming\Malwarebytes
2012-09-07 21:30 . 2012-09-07 21:30 -------- d-----w- c:\programdata\Malwarebytes
2012-09-07 21:00 . 2012-09-07 21:00 -------- d-----w- c:\users\Rüger\AppData\Roaming\QuickScan
2012-08-22 17:07 . 2012-08-22 17:08 -------- d-----w- c:\users\Rüger\AppData\Roaming\UltraVNC
2012-08-22 17:06 . 2012-08-22 17:06 -------- d-----w- c:\program files (x86)\UltraVNC
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-13 03:27 . 2011-09-24 14:27 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-06 20:16 . 2012-08-06 20:16 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2012-08-06 20:16 . 2012-08-06 20:16 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-08-06 20:16 . 2012-08-06 20:16 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2012-07-29 23:32 . 2012-07-29 23:32 264 ----a-w- c:\users\Rüger\AppData\Roaming\srvblck5.tmp
2012-07-29 23:32 . 2012-07-29 23:32 264 ----a-w- c:\users\Rüger\AppData\Roaming\srvblck5.tmp
2012-07-18 18:15 . 2012-08-15 17:40 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-13 13:20 . 2012-07-13 13:20 30496 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-07-06 20:07 . 2012-08-18 05:36 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-04 22:16 . 2012-08-15 17:41 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-15 17:41 59392 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-15 17:41 136704 ----a-w- c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-15 17:41 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-06-27 07:06 . 2012-08-15 17:41 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-06-27 07:06 . 2012-08-15 17:41 1494016 ----a-w- c:\windows\system32\urlmon.dll
2012-06-27 07:06 . 2012-08-15 17:41 134144 ----a-w- c:\windows\system32\url.dll
2012-06-27 07:03 . 2012-08-15 17:41 9059840 ----a-w- c:\windows\system32\mshtml.dll
2012-06-27 07:03 . 2012-08-15 17:41 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-27 07:03 . 2012-08-15 17:41 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-06-27 07:02 . 2012-08-15 17:41 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-27 07:02 . 2012-08-15 17:41 247808 ----a-w- c:\windows\system32\ieui.dll
2012-06-27 07:02 . 2012-08-15 17:41 2453504 ----a-w- c:\windows\system32\iertutil.dll
2012-06-27 07:02 . 2012-08-15 17:41 12297216 ----a-w- c:\windows\system32\ieframe.dll
2012-06-27 05:53 . 2012-08-15 17:41 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-27 04:53 . 2012-08-15 17:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-27 04:10 . 2012-08-15 17:41 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-23 08:52 . 2012-05-30 17:48 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 08:52 . 2011-08-05 00:56 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Rüger\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-13 138096]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-02-22 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-02-22 298656]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-02-22 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-02-22 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-02-22 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-02-22 280224]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 132608]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-08-06 14448]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 136176]
R3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-07-13 30496]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 116096]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-10 203776]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-02-22 76448]
R4 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2011-02-10 198784]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R4 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R4 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-02-22 873064]
R4 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R4 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-02-15 257344]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-09 27760]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-04-08 22912]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-04-08 20328]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-04-08 62584]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-26 86224]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-10 8122368]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-10 290816]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-02-22 28832]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 36979254
*Deregistered* - 36979254
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 08:52]
.
2012-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 08:57]
.
2012-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 08:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B0919FB8-0145-4A1D-9BB6-A054BB06D0EA}: NameServer = 139.7.30.126 139.7.30.125
FF - ProfilePath - c:\users\Rüger\AppData\Roaming\Mozilla\Firefox\Profiles\7rfl6bik.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-loadtbs-2.1 - c:\users\Rüger\AppData\Roaming\loadtbs\uninstall.exe
AddRemove-toolplugin - c:\users\RGER~1\AppData\Local\Temp\WZSE0.TMP\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-17 17:30:13
ComboFix-quarantined-files.txt 2012-09-17 15:30
.
Vor Suchlauf: 8 Verzeichnis(se), 371.493.351.424 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 370.979.622.912 Bytes frei
.
- - End Of File - - 7CAD5CF244DD914907A98CDBF3AA700E
|
|
17.09.2012, 20:37
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rkit/agent.dfjv Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.09.2012, 21:55
| #26 |
| | rkit/agent.dfjv gmer Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-17 22:53:12
Windows 6.1.7601 Service Pack 1
Running: 2qwgdjtb.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\c0f8da60fe66 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\c0f8da60fe66@58170c0d29b1 0x39 0x5B 0xB4 0x43 ...
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\c0f8da60fe66@0021069f678f 0x51 0xC3 0xF9 0x7D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8da60fe66
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8da60fe66@58170c0d29b1 0x39 0x5B 0xB4 0x43 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8da60fe66@0021069f678f 0x51 0xC3 0xF9 0x7D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8da60fe66@0023f1b10438 0x45 0x11 0x75 0x21 ...
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\c0f8da60fe66 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\c0f8da60fe66@58170c0d29b1 0x39 0x5B 0xB4 0x43 ...
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\c0f8da60fe66@0021069f678f 0x51 0xC3 0xF9 0x7D ...
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\c0f8da60fe66@0023f1b10438 0x45 0x11 0x75 0x21 ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\R\xb3ger\Downloads\ComboFix.exe 1
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 23:02:15 on 17.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "Hitman Pro 3.5 Support Driver" (hitmanpro36) - ? - C:\Windows\system32\drivers\hitmanpro36.sys "NTIDrvr" (NTIDrvr) - "NTI Corporation" - C:\Windows\system32\drivers\NTIDrvr.sys "Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys "Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys "Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys "Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys "UBHelper" (UBHelper) - "NTI Corporation" - C:\Windows\system32\drivers\UBHelper.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files (x86)\WinRAR\rarext.dll {B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell extension" - ? - (File not found | COM-object registry key not found) {E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Grab Pro" - ? - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Grab Pro" - ? - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {27B4851A-3207-45A2-B947-BE8AFE6163AB} "McAfee Phishing Filter" - ? - c:\progra~1\mcafee\msk\mskapbho.dll (File not found) {000123B4-9B42-4900-B3F7-F4B073EFC214} "Octh Class" - "Orbitdownloader.com" - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Facebook Update" - "Facebook Inc." - "C:\Users\Rüger\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "Sony PC Companion" - "Sony" - "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe "Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE "Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - "Goldshell Digital Media" - C:\Windows\FREIBE~1.SCR [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-17 23:04:59
-----------------------------
23:04:59.223 OS Version: Windows x64 6.1.7601 Service Pack 1
23:04:59.223 Number of processors: 2 586 0x100
23:04:59.223 ComputerName: RÜGER-PC UserName: Rüger
23:05:01.064 Initialize success
23:06:45.117 AVAST engine defs: 12091400
23:06:48.035 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:06:48.035 Disk 0 Vendor: WDC_WD5000BPVT-22HXZT1 01.01A01 Size: 476940MB BusType: 11
23:06:48.097 Disk 0 MBR read successfully
23:06:48.097 Disk 0 MBR scan
23:06:48.113 Disk 0 Windows 7 default MBR code
23:06:48.128 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15872 MB offset 2048
23:06:48.144 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 32507904
23:06:48.159 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460966 MB offset 32712704
23:06:48.191 Disk 0 scanning C:\Windows\system32\drivers
23:07:03.775 Service scanning
23:07:41.028 Modules scanning
23:07:41.044 Disk 0 trace - called modules:
23:07:41.106 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
23:07:41.122 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80042b2060]
23:07:41.137 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004141060]
23:07:43.446 AVAST engine scan C:\Windows
23:07:49.592 AVAST engine scan C:\Windows\system32
23:11:36.963 AVAST engine scan C:\Windows\system32\drivers
23:11:55.589 AVAST engine scan C:\Users\Rüger
23:15:01.838 AVAST engine scan C:\ProgramData
23:15:58.809 Scan finished successfully
23:18:09.444 Disk 0 MBR has been saved successfully to "C:\Users\Rüger\Desktop\MBR.dat"
23:18:09.459 The log file has been saved successfully to "C:\Users\Rüger\Desktop\aswMBR.txt"
|
|
19.09.2012, 08:33
| #27 |
| | rkit/agent.dfjv und nun?????? |
|
19.09.2012, 16:00
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rkit/agent.dfjv Immer mit der Ruhe, ich hab hier auch noch andere Fälle! Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.09.2012, 19:42
| #29 |
| | rkit/agent.dfjvCode:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/19/2012 at 08:39 PM
Application Version : 5.5.1016
Core Rules Database Version : 9252
Trace Rules Database Version: 7064
Scan type : Complete Scan
Total Scan Time : 02:26:16
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 541
Memory threats detected : 0
Registry items scanned : 70245
Registry threats detected : 0
File items scanned : 154866
File threats detected : 610
Adware.Tracking Cookie
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\A6B03LO7.txt [ /www.etracker.de ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\Z62BWNPJ.txt [ /c.atdmt.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\YKKC484S.txt [ /adform.net ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\MQG4QTTS.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\XJHTZTIU.txt [ /track.adform.net ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\E1WT00DI.txt [ /serving-sys.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\OR3WAXJ1.txt [ /tracking.quisma.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\QFWAOYHT.txt [ /fastclick.net ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\EBMCUBKV.txt [ /dyntracker.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\BN1VX0HD.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\I2QM1UO1.txt [ /mediaplex.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\KAD0KWAO.txt [ /smartadserver.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\8528BMT9.txt [ /atdmt.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\R7ROIYYE.txt [ /imrworldwide.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\F5AKLXSI.txt [ /ad.zanox.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\WAU0XTVP.txt [ /tradedoubler.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\G3QKMJ12.txt [ /ad.yieldmanager.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\W6GNJ5YD.txt [ /bs.serving-sys.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\GZQ0EGCH.txt [ /doubleclick.net ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\6PSL35YX.txt [ /zanox.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\U5JI490S.txt [ /apmebf.com ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\U636QPI5.txt [ /microsoftwllivemkt.112.2o7.net ]
C:\Users\Rüger\AppData\Roaming\Microsoft\Windows\Cookies\LUGJMUO8.txt [ /adfarm1.adition.com ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\DJA4QNNN.txt [ Cookie:rüger@c.atdmt.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\4PY09JSM.txt [ Cookie:rüger@tns-counter.ru/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\L4FOWAM4.txt [ Cookie:rüger@serving-sys.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\DMQ4MYD6.txt [ Cookie:rüger@yadro.ru/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\PDMH6Q8Q.txt [ Cookie:rüger@ad2.adfarm1.adition.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\37JRYMKL.txt [ Cookie:rüger@invitemedia.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\B93UQTKY.txt [ Cookie:rüger@atdmt.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\7I7JDIEY.txt [ Cookie:rüger@imrworldwide.com/cgi-bin ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\MNYGE44F.txt [ Cookie:rüger@specificclick.net/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\rüger@microsoftwlsearchcrm.112.2o7[1].txt [ Cookie:rüger@microsoftwlsearchcrm.112.2o7.net/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\rüger@studivz.adfarm1.adition[2].txt [ Cookie:rüger@studivz.adfarm1.adition.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\EBRDPSKT.txt [ Cookie:rüger@doubleclick.net/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\rüger@adx.chip[2].txt [ Cookie:rüger@adx.chip.de/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\IWXZSI7X.txt [ Cookie:rüger@apmebf.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\W9VIIGZ3.txt [ Cookie:rüger@lucidmedia.com/ ]
C:\USERS\RüGER\AppData\Roaming\Microsoft\Windows\Cookies\Low\AWH1R2OC.txt [ Cookie:rüger@adfarm1.adition.com/ ]
C:\USERS\RüGER\Cookies\A6B03LO7.txt [ Cookie:rüger@www.etracker.de/ ]
C:\USERS\RüGER\Cookies\Z62BWNPJ.txt [ Cookie:rüger@c.atdmt.com/ ]
C:\USERS\RüGER\Cookies\YKKC484S.txt [ Cookie:rüger@adform.net/ ]
C:\USERS\RüGER\Cookies\XJHTZTIU.txt [ Cookie:rüger@track.adform.net/ ]
C:\USERS\RüGER\Cookies\E1WT00DI.txt [ Cookie:rüger@serving-sys.com/ ]
C:\USERS\RüGER\Cookies\OR3WAXJ1.txt [ Cookie:rüger@tracking.quisma.com/ ]
C:\USERS\RüGER\Cookies\QFWAOYHT.txt [ Cookie:rüger@fastclick.net/ ]
C:\USERS\RüGER\Cookies\EBMCUBKV.txt [ Cookie:rüger@dyntracker.com/ ]
C:\USERS\RüGER\Cookies\BN1VX0HD.txt [ Cookie:rüger@ad2.adfarm1.adition.com/ ]
C:\USERS\RüGER\Cookies\KAD0KWAO.txt [ Cookie:rüger@smartadserver.com/ ]
C:\USERS\RüGER\Cookies\8528BMT9.txt [ Cookie:rüger@atdmt.com/ ]
C:\USERS\RüGER\Cookies\R7ROIYYE.txt [ Cookie:rüger@imrworldwide.com/cgi-bin ]
C:\USERS\RüGER\Cookies\WAU0XTVP.txt [ Cookie:rüger@tradedoubler.com/ ]
C:\USERS\RüGER\Cookies\G3QKMJ12.txt [ Cookie:rüger@ad.yieldmanager.com/ ]
C:\USERS\RüGER\Cookies\W6GNJ5YD.txt [ Cookie:rüger@bs.serving-sys.com/ ]
C:\USERS\RüGER\Cookies\GZQ0EGCH.txt [ Cookie:rüger@doubleclick.net/ ]
C:\USERS\RüGER\Cookies\U5JI490S.txt [ Cookie:rüger@apmebf.com/ ]
C:\USERS\RüGER\Cookies\U636QPI5.txt [ Cookie:rüger@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\RüGER\Cookies\LUGJMUO8.txt [ Cookie:rüger@adfarm1.adition.com/ ]
.doubleclick.net [ C:\USERS\RüGER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.divx.112.2o7.net [ C:\USERS\RüGER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\RüGER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\RüGER@AD.ADSERVER01[1].TXT [ /AD.ADSERVER01 ]
C:\USERS\RüGER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\RüGER@AD.ZANOX[1].TXT [ /AD.ZANOX ]
C:\USERS\RüGER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\RüGER@ZANOX[1].TXT [ /ZANOX ]
s0.2mdn.net [ C:\USERS\RüGER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\L9C8V6FD ]
static.discoverymedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\L9C8V6FD ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.mindshare.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.view.atdmt.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.enoratraffic.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
7.rotator.trafficbee.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
track.popmog.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
h2porn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.secmedia.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.secmedia.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.pornme.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
targeting.revenuemax.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
adserv.kwick.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
adserv.kwick.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revenuemax.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.freeyouporn.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.freeyouporn.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
germansexvideo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.static.unister-adservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.youpornos.info [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.youpornos.info [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.userporn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
track.zalando.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
mediathek.daserste.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ec-track.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.blau.122.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.mlnadvertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
7.rotator.trafficbee.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.deutschporno.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.buddyiporn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.dextersporn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.dextersporn.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.kostenloseporno.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
farm3.poweradvertising.co.uk [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.autoscout24.112.2o7.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mypornonline.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mypornonline.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mypornonline.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
media.neodau.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
media.neodau.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
media.neodau.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
edates.traffective-tracking.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
viewad.exchangecash.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
aa.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RüGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7RFL6BIK.DEFAULT\COOKIES.SQLITE ]
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.19.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Rüger :: RÜGER-PC [Administrator] Schutz: Deaktiviert 19.09.2012 20:44:34 mbam-log-2012-09-19 (20-44-34).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 362506 Laufzeit: 55 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\_OTL\MovedFiles\09162012_125921\C_Program Files (x86)\mozilla firefox\plugins\npmieze.dll (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
20.09.2012, 11:03
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rkit/agent.dfjv MBAM hatte nur ein Fund in der OTL-Q SASW hat nur Cookies gefunden Code:
ATTFilter UAC On - Limited User
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu rkit/agent.dfjv |
| gefunde, google, nichts, rkit/agent.dfjv, virus, vorgehen |
Linear-Darstellung
