Pests of all kinds and how to fight them: Incredibar in Google Chrome (Windows 7) |
12.10.2012, 20:09 | #1 | |
| Incredibar in Google Chrome Hello everyone, unfortunately I have picked up this Incredibar in Google Chrome. I can delete or deactivate the toolbar itself. But the "mystart" start page keeps coming back, and the toolbar reactivates or reinstalls itself after every reinstall of Google Chrome. I have now carried out the steps from the following guide. http://www.trojaner-board.de/51187-a...i-malware.html Here is my log file Quote:
Many thanks in advance. Regards, Alex |
13.10.2012, 14:23 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar in Google Chrome Please now run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan! Please remove all of Malwarebytes' findings so that they are kept in Malwarebytes' quarantine! Do NOT hastily remove anything from quarantine! If logs from older Malwarebytes scans exist, please post all of those as well! Please post everything in CODE tags here if possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
__________________ |
15.10.2012, 19:15 | #3 | ||
| Incredibar in Google Chrome Hello,
thanks already. Here is a scan I already ran on 12.10. Quote:
And here is my scan from today Quote:
Regards |
15.10.2012, 20:55 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar in Google Chrome adwCleaner - detecting toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded at some point, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
15.10.2012, 21:00 | #5 | |
| Incredibar in Google Chrome Ok, here is my next log file Quote:
|
16.10.2012, 15:19 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar in Google Chrome Please put the logs in CODE tags! adwCleaner - removing toolbars and unwanted start/search pages
__________________ --> Incredibar in Google Chrome |
16.10.2012, 20:06 | #7 |
| Incredibar in Google Chrome Sorry, this time I did it right, so here is the code. Code:
Regards |
17.10.2012, 13:51 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar in Google Chrome I have two questions before we continue (we are not done yet!) 1.) Does Windows' normal mode work without restrictions (again)? 2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
__________________ Please always post log files in CODE tags |
17.10.2012, 20:26 | #9 |
| Incredibar in Google Chrome 1. Yes, everything works without problems. Windows (luckily) hasn't caused any problems. Except that the mystart start page in Chrome doesn't work. 2. I haven't found any empty folders |
17.10.2012, 21:16 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar in Google Chrome Please run a CustomScan with OTL. Please post everything in CODE tags here if possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Please always post log files in CODE tags |
18.10.2012, 20:33 | #11 |
| Incredibar in Google Chrome So here is the next log file now. OTL log file: Code:
O4 - HKU\S-1-5-21-2956429621-859001709-2434547980-1000..\Run: [Mozilla Quick Launch] C:\Program Files (x86)\Netscape\Netscape\Netscp.exe (Mozilla, Netscape)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34520256-E0DE-4721-B7E4-835361D8C1D0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57BC3B07-DA9F-4998-BDEC-CC8510DA02FC}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ded7a7d1-fe77-11e1-920c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ded7a7d1-fe77-11e1-920c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.18 21:09:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alexander Bär\Desktop\OTL.exe
[2012.10.17 06:46:26 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Foxit Software
[2012.10.16 21:03:28 | 000,000,000 | R--D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.10.12 20:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.12 20:36:57 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Malwarebytes
[2012.10.12 20:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.12 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.12 20:36:42 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.12 20:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.12 20:04:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.10.10 22:50:25 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jAlbum [2012.10.10 22:50:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jAlbum [2012.10.10 22:03:38 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\Projects [2012.10.07 19:51:54 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Local\Macromedia [2012.10.07 19:51:17 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Local\Mozilla [2012.10.07 19:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.10.07 19:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.07 19:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012.10.07 19:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012.10.07 19:15:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion [2012.10.07 19:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.10.07 19:15:08 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) 
-- C:\Windows\SysNative\ImHttpComm.dll [2012.10.07 19:15:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ARFC [2012.10.07 19:15:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT [2012.10.07 19:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\IB Updater [2012.10.06 10:30:08 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\OpenOffice.org [2012.10.05 13:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2012.10.05 13:21:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2012.10.04 19:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [2012.10.04 19:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy [2012.10.03 08:28:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012.09.30 11:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.09.28 21:54:28 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\Documents\My Albums [2012.09.28 20:22:41 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard [2012.09.21 13:09:14 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012.09.21 13:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2012.09.21 13:04:46 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\jAlbum [2012.09.21 12:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia Shared [2012.09.21 12:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia [2012.09.21 12:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macromedia [2012.09.21 12:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia [2012.09.21 12:49:03 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\DigitalPersona [2012.09.21 12:49:03 | 000,000,000 | ---D | C] -- C:\Users\Alexander 
Bär\AppData\Local\DigitalPersona [2012.09.21 12:46:34 | 000,021,616 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdcfltn.sys [2012.09.21 12:46:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012.09.21 12:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics [2012.09.21 12:45:45 | 000,081,008 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\accelernco01.dll [2012.09.21 12:45:45 | 000,027,760 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\Accelern.sys [2012.09.21 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STMicroelectronics [2012.09.21 12:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Validity [2012.09.21 12:38:22 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors [2012.09.21 12:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.09.21 12:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision [2012.09.21 12:35:50 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Local\Programs [2012.09.21 12:35:50 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Macrovision [2012.09.21 12:35:49 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\FLEXnet [2012.09.21 12:35:43 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv [2012.09.21 12:35:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-Hant [2012.09.21 12:35:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-Hans [2012.09.21 12:35:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr [2012.09.21 12:35:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv [2012.09.21 12:35:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-Hant [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-Hans [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv [2012.09.21 
12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\no [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\no [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\gl-ES [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\gl-ES [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DigitalPersona [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES [2012.09.21 12:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES [2012.09.21 12:35:19 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView [2012.09.21 12:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012.09.21 12:35:13 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\IrfanView [2012.09.21 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView [2012.09.21 12:32:48 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\WinRAR [2012.09.21 12:32:48 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.21 12:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.21 12:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.09.21 12:31:04 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\vlc [2012.09.21 12:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.09.21 12:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard [2012.09.21 12:30:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012.09.21 12:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012.09.21 12:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.09.21 12:30:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.09.21 12:30:03 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp [2012.09.21 12:30:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2012.09.21 12:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2012.09.21 12:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netscape 7.1 [2012.09.21 12:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mozilla.org [2012.09.21 12:29:23 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\Netscape [2012.09.21 12:29:16 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\HpUpdate [2012.09.21 12:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2012.09.21 12:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012.09.21 12:28:44 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Roaming\Opera [2012.09.21 12:28:44 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Local\Opera [2012.09.21 12:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012.09.21 12:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2012.09.21 12:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2012.09.21 12:26:48 | 000,000,000 | ---D | C] -- C:\Users\Alexander Bär\AppData\Local\HP ========== Files - Modified Within 30 Days ========== [2012.10.18 21:21:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.18 21:10:31 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.18 21:09:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander Bär\Desktop\OTL.exe [2012.10.18 20:58:56 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2012.10.18 20:58:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.16 21:10:18 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.16 21:10:18 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.16 21:07:30 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.16 21:07:30 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.16 21:07:30 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.16 21:07:30 | 000,130,006 | ---- | M] 
() -- C:\Windows\SysNative\perfc007.dat [2012.10.16 21:07:30 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.16 21:03:23 | 000,001,918 | ---- | M] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2012.10.16 21:03:07 | 3148,222,464 | -HS- | M] () -- C:\hiberfil.sys [2012.10.12 20:53:17 | 000,002,282 | ---- | M] () -- C:\Users\Alexander Bär\Desktop\Google Chrome.lnk [2012.10.09 17:31:03 | 000,729,542 | ---- | M] () -- C:\Users\Alexander Bär\Documents\BG-Zahlung-Studium.pdf [2012.10.07 19:51:14 | 000,001,165 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.07 19:16:31 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2012.10.06 10:30:13 | 000,001,270 | ---- | M] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2012.10.02 17:20:24 | 001,261,936 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe [2012.10.02 17:19:30 | 000,035,328 | ---- | M] (IncrediMail, Ltd.) 
-- C:\Windows\SysNative\ImHttpComm.dll [2012.09.26 09:30:53 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2012.09.22 16:28:37 | 000,292,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.09.21 13:11:29 | 000,000,600 | ---- | M] () -- C:\Users\Alexander Bär\AppData\Roaming\winscp.rnd [2012.09.21 12:38:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2012.09.21 12:37:42 | 000,001,063 | ---- | M] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2012.09.21 12:30:05 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat [2012.09.21 12:30:04 | 000,007,614 | ---- | M] () -- C:\Windows\mozver.dat [2012.09.21 12:30:00 | 000,087,184 | ---- | M] () -- C:\Windows\NSUninst.exe [2012.09.21 12:29:55 | 000,087,184 | ---- | M] () -- C:\Windows\GREUninstall.exe [2012.09.21 12:27:41 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini ========== Files Created - No Company Name ========== [2012.10.12 20:53:17 | 000,002,282 | ---- | C] () -- C:\Users\Alexander Bär\Desktop\Google Chrome.lnk [2012.10.09 17:31:02 | 000,729,542 | ---- | C] () -- C:\Users\Alexander Bär\Documents\BG-Zahlung-Studium.pdf [2012.10.07 19:51:14 | 000,001,177 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.10.07 19:51:14 | 000,001,165 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.07 19:16:31 | 000,002,247 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2012.10.07 19:16:04 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.07 19:16:04 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.07 19:15:08 | 001,261,936 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe [2012.10.06 10:30:13 | 000,001,270 | ---- | C] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2012.10.01 18:18:56 | 000,609,280 | ---- | C] () -- C:\Users\Public\Documents\PasswortGen.exe [2012.09.25 20:20:04 | 000,048,537 | ---- | C] () -- C:\proxtube.crx [2012.09.21 13:11:29 | 000,000,600 | ---- | C] () -- C:\Users\Alexander Bär\AppData\Roaming\winscp.rnd [2012.09.21 13:10:51 | 000,000,520 | ---- | C] () -- C:\Users\Alexander Bär\salamand.key [2012.09.21 13:10:39 | 000,000,949 | ---- | C] () -- C:\Users\Alexander Bär\keys.zip [2012.09.21 12:38:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2012.09.21 12:37:43 | 000,001,063 | ---- | C] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2012.09.21 12:35:55 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigitalPersona Fingerprint Software.lnk [2012.09.21 12:32:55 | 000,001,918 | ---- | C] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2012.09.21 12:30:05 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat [2012.09.21 12:30:00 | 000,087,184 | ---- | C] () -- C:\Windows\NSUninst.exe [2012.09.21 12:29:55 | 000,087,184 | ---- | C] () -- C:\Windows\GREUninstall.exe [2012.09.21 12:29:53 | 000,007,614 | ---- | C] () -- C:\Windows\mozver.dat [2012.09.21 12:29:19 | 000,000,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. 
OCR-Registrierung.lnk [2012.09.21 12:28:44 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.09.21 12:27:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012.09.16 23:34:01 | 000,000,396 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2012.09.16 23:33:56 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\SerialXP.dll [2012.09.16 23:33:56 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\win32com.dll [2012.09.14 17:02:57 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.09.14 16:57:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.09.14 16:55:57 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2012.09.14 16:55:43 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.09.14 16:40:58 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011.05.11 23:57:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.04.10 05:49:08 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.04.10 05:49:08 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.04.10 05:49:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.04.10 05:42:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.04.10 05:18:22 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.09.21 12:49:03 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\DigitalPersona [2012.10.17 06:46:26 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Foxit Software [2012.09.21 12:35:13 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\IrfanView [2012.09.21 13:05:15 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\jAlbum [2012.10.06 10:30:08 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\OpenOffice.org [2012.09.21 12:28:44 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Opera [2012.09.14 17:07:06 
| 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Thunderbird ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.09.14 23:13:43 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Adobe [2012.09.14 16:57:26 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\ATI [2012.09.21 12:49:03 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\DigitalPersona [2012.09.21 12:35:49 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\FLEXnet [2012.10.17 06:46:26 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Foxit Software [2012.10.05 19:42:53 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\HpUpdate [2012.09.14 16:32:58 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Identities [2012.09.14 16:40:21 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\InstallShield [2012.09.14 16:57:26 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Intel Corporation [2012.09.21 12:35:13 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\IrfanView [2012.09.21 13:05:15 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\jAlbum [2012.09.21 13:03:02 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Macromedia [2012.09.21 12:35:50 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Macrovision [2012.10.12 20:36:57 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Malwarebytes [2010.11.21 09:16:58 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Media Center Programs [2012.10.07 19:51:54 | 000,000,000 | --SD | M] -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft [2012.10.07 19:51:17 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Mozilla [2012.10.06 10:30:08 | 000,000,000 | 
---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\OpenOffice.org [2012.09.21 12:28:44 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Opera [2012.09.14 17:07:06 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\Thunderbird [2012.10.10 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\vlc [2012.09.21 12:32:48 | 000,000,000 | ---D | M] -- C:\Users\Alexander Bär\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2012.09.21 12:35:49 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Alexander Bär\AppData\Roaming\FLEXnet\Connect\11\agent.exe [2012.09.21 12:35:50 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Alexander Bär\AppData\Roaming\FLEXnet\Connect\11\dwusplay.exe [2012.09.21 12:35:49 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Alexander Bär\AppData\Roaming\FLEXnet\Connect\11\isdm.exe [2012.09.21 12:35:50 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Alexander Bär\AppData\Roaming\FLEXnet\Connect\11\issch.exe [2012.09.21 12:35:50 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Alexander Bär\AppData\Roaming\Macrovision\FLEXnet Connect\11\agent.exe [2012.09.21 12:35:50 | 000,742,768 | ---- | M] (Flexera Software, Inc.) 
-- C:\Users\Alexander Bär\AppData\Roaming\Macrovision\FLEXnet Connect\6\agent.exe [2012.09.14 16:55:57 | 000,010,134 | R--- | M] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Installer\{11081E1B-9D55-63DD-67FE-8AC8D08834C9}\ARPPRODUCTICON.exe [2012.09.14 16:37:21 | 000,010,134 | R--- | M] () -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\ARPPRODUCTICON.exe [2012.09.14 16:37:21 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\Alexander Bär\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe < %SYSTEMDRIVE%\*.exe >
MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) 
MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' 
Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > [/code] viele gruesse |
18.10.2012, 21:09 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Icredibar in Google Chrome Looks fairly inconspicuous. Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool! Set up the tool as shown in the picture below: click on change parameters and set the checkboxes as shown in the following screenshot. Then click Start Scan, and when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs. Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
23.10.2012, 16:56 | #13 |
| Icredibar in Google Chrome Hi, unfortunately it took a bit longer this time, but here is the log file now. Code:
17:54:44.0720 4352 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:54:44.0720 4352 mouclass - ok 17:54:44.0720 4352 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:54:44.0736 4352 mouhid - ok 17:54:44.0736 4352 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:54:44.0751 4352 mountmgr - ok 17:54:44.0751 4352 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:54:44.0767 4352 MozillaMaintenance - ok 17:54:44.0767 4352 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 17:54:44.0783 4352 MpFilter - ok 17:54:44.0783 4352 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:54:44.0798 4352 mpio - ok 17:54:44.0798 4352 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:54:44.0829 4352 mpsdrv - ok 17:54:44.0829 4352 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:54:44.0876 4352 MpsSvc - ok 17:54:44.0876 4352 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:54:44.0892 4352 MRxDAV - ok 17:54:44.0892 4352 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:54:44.0907 4352 mrxsmb - ok 17:54:44.0907 4352 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:54:44.0923 4352 mrxsmb10 - ok 17:54:44.0923 4352 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:54:44.0939 4352 mrxsmb20 - ok 17:54:44.0939 4352 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:54:44.0954 4352 msahci - ok 17:54:44.0954 4352 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:54:44.0970 4352 msdsm - ok 17:54:44.0970 4352 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC 
C:\Windows\System32\msdtc.exe 17:54:44.0985 4352 MSDTC - ok 17:54:44.0985 4352 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:54:45.0017 4352 Msfs - ok 17:54:45.0017 4352 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:54:45.0048 4352 mshidkmdf - ok 17:54:45.0048 4352 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:54:45.0048 4352 msisadrv - ok 17:54:45.0063 4352 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:54:45.0095 4352 MSiSCSI - ok 17:54:45.0095 4352 msiserver - ok 17:54:45.0095 4352 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:54:45.0126 4352 MSKSSRV - ok 17:54:45.0126 4352 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 17:54:45.0141 4352 MsMpSvc - ok 17:54:45.0141 4352 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:54:45.0173 4352 MSPCLOCK - ok 17:54:45.0173 4352 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:54:45.0188 4352 MSPQM - ok 17:54:45.0204 4352 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:54:45.0219 4352 MsRPC - ok 17:54:45.0219 4352 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:54:45.0235 4352 mssmbios - ok 17:54:45.0235 4352 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:54:45.0266 4352 MSTEE - ok 17:54:45.0266 4352 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:54:45.0266 4352 MTConfig - ok 17:54:45.0282 4352 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:54:45.0282 4352 Mup - ok 17:54:45.0297 4352 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:54:45.0329 4352 napagent - ok 17:54:45.0329 4352 
[ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:54:45.0344 4352 NativeWifiP - ok 17:54:45.0360 4352 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:54:45.0375 4352 NDIS - ok 17:54:45.0391 4352 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:54:45.0407 4352 NdisCap - ok 17:54:45.0422 4352 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:54:45.0438 4352 NdisTapi - ok 17:54:45.0453 4352 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:54:45.0469 4352 Ndisuio - ok 17:54:45.0485 4352 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:54:45.0500 4352 NdisWan - ok 17:54:45.0516 4352 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:54:45.0531 4352 NDProxy - ok 17:54:45.0547 4352 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:54:45.0563 4352 NetBIOS - ok 17:54:45.0578 4352 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:54:45.0609 4352 NetBT - ok 17:54:45.0609 4352 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:54:45.0609 4352 Netlogon - ok 17:54:45.0625 4352 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:54:45.0656 4352 Netman - ok 17:54:45.0656 4352 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:54:45.0687 4352 netprofm - ok 17:54:45.0703 4352 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:54:45.0703 4352 NetTcpPortSharing - ok 17:54:45.0703 4352 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:54:45.0719 4352 nfrd960 - ok 17:54:45.0719 4352 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv 
C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:54:45.0734 4352 NisDrv - ok 17:54:45.0734 4352 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 17:54:45.0750 4352 NisSrv - ok 17:54:45.0750 4352 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:54:45.0781 4352 NlaSvc - ok 17:54:45.0797 4352 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:54:45.0812 4352 Npfs - ok 17:54:45.0828 4352 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:54:45.0843 4352 nsi - ok 17:54:45.0859 4352 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:54:45.0875 4352 nsiproxy - ok 17:54:45.0906 4352 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:54:45.0937 4352 Ntfs - ok 17:54:45.0937 4352 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:54:45.0968 4352 Null - ok 17:54:45.0968 4352 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 17:54:45.0968 4352 nusb3hub - ok 17:54:45.0984 4352 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 17:54:45.0984 4352 nusb3xhc - ok 17:54:45.0999 4352 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:54:45.0999 4352 nvraid - ok 17:54:46.0015 4352 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:54:46.0015 4352 nvstor - ok 17:54:46.0015 4352 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:54:46.0031 4352 nv_agp - ok 17:54:46.0031 4352 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:54:46.0046 4352 ohci1394 - ok 17:54:46.0046 4352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:54:46.0062 4352 p2pimsvc - ok 17:54:46.0077 4352 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc 
C:\Windows\system32\p2psvc.dll 17:54:46.0093 4352 p2psvc - ok 17:54:46.0093 4352 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 17:54:46.0093 4352 Parport - ok 17:54:46.0109 4352 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:54:46.0109 4352 partmgr - ok 17:54:46.0124 4352 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:54:46.0140 4352 PcaSvc - ok 17:54:46.0140 4352 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:54:46.0140 4352 pci - ok 17:54:46.0155 4352 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 17:54:46.0155 4352 pciide - ok 17:54:46.0171 4352 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:54:46.0171 4352 pcmcia - ok 17:54:46.0171 4352 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:54:46.0187 4352 pcw - ok 17:54:46.0202 4352 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:54:46.0233 4352 PEAUTH - ok 17:54:46.0249 4352 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:54:46.0265 4352 PeerDistSvc - ok 17:54:46.0296 4352 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:54:46.0311 4352 PerfHost - ok 17:54:46.0327 4352 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:54:46.0374 4352 pla - ok 17:54:46.0374 4352 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:54:46.0389 4352 PlugPlay - ok 17:54:46.0389 4352 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:54:46.0405 4352 PNRPAutoReg - ok 17:54:46.0405 4352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:54:46.0421 4352 PNRPsvc - ok 17:54:46.0436 4352 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 
17:54:46.0467 4352 PolicyAgent - ok 17:54:46.0467 4352 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:54:46.0499 4352 Power - ok 17:54:46.0499 4352 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:54:46.0530 4352 PptpMiniport - ok 17:54:46.0530 4352 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 17:54:46.0545 4352 Processor - ok 17:54:46.0545 4352 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 17:54:46.0561 4352 ProfSvc - ok 17:54:46.0561 4352 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:54:46.0577 4352 ProtectedStorage - ok 17:54:46.0577 4352 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:54:46.0608 4352 Psched - ok 17:54:46.0623 4352 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:54:46.0655 4352 ql2300 - ok 17:54:46.0655 4352 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:54:46.0670 4352 ql40xx - ok 17:54:46.0670 4352 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:54:46.0686 4352 QWAVE - ok 17:54:46.0686 4352 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:54:46.0701 4352 QWAVEdrv - ok 17:54:46.0717 4352 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:54:46.0733 4352 RasAcd - ok 17:54:46.0748 4352 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:54:46.0764 4352 RasAgileVpn - ok 17:54:46.0779 4352 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 17:54:46.0795 4352 RasAuto - ok 17:54:46.0811 4352 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:54:46.0826 4352 Rasl2tp - ok 17:54:46.0842 4352 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan 
C:\Windows\System32\rasmans.dll 17:54:46.0873 4352 RasMan - ok 17:54:46.0873 4352 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:54:46.0904 4352 RasPppoe - ok 17:54:46.0904 4352 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:54:46.0935 4352 RasSstp - ok 17:54:46.0935 4352 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:54:46.0967 4352 rdbss - ok 17:54:46.0967 4352 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 17:54:46.0982 4352 rdpbus - ok 17:54:46.0982 4352 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:54:47.0013 4352 RDPCDD - ok 17:54:47.0013 4352 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 17:54:47.0029 4352 RDPDR - ok 17:54:47.0029 4352 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:54:47.0060 4352 RDPENCDD - ok 17:54:47.0060 4352 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:54:47.0091 4352 RDPREFMP - ok 17:54:47.0091 4352 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:54:47.0107 4352 RDPWD - ok 17:54:47.0107 4352 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:54:47.0123 4352 rdyboost - ok 17:54:47.0123 4352 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:54:47.0154 4352 RemoteAccess - ok 17:54:47.0154 4352 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:54:47.0185 4352 RemoteRegistry - ok 17:54:47.0201 4352 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:54:47.0201 4352 RFCOMM - ok 17:54:47.0216 4352 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 17:54:47.0247 4352 RpcEptMapper - ok 17:54:47.0247 4352 [ 
D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 17:54:47.0247 4352 RpcLocator - ok 17:54:47.0263 4352 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 17:54:47.0294 4352 RpcSs - ok 17:54:47.0294 4352 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:54:47.0325 4352 rspndr - ok 17:54:47.0325 4352 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 17:54:47.0341 4352 RTL8167 - ok 17:54:47.0357 4352 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 17:54:47.0357 4352 s3cap - ok 17:54:47.0357 4352 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 17:54:47.0372 4352 SamSs - ok 17:54:47.0372 4352 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:54:47.0388 4352 sbp2port - ok 17:54:47.0388 4352 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:54:47.0419 4352 SCardSvr - ok 17:54:47.0419 4352 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:54:47.0450 4352 scfilter - ok 17:54:47.0466 4352 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 17:54:47.0497 4352 Schedule - ok 17:54:47.0497 4352 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 17:54:47.0528 4352 SCPolicySvc - ok 17:54:47.0528 4352 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:54:47.0544 4352 SDRSVC - ok 17:54:47.0544 4352 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:54:47.0575 4352 secdrv - ok 17:54:47.0575 4352 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 17:54:47.0606 4352 seclogon - ok 17:54:47.0606 4352 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 17:54:47.0637 4352 SENS - ok 17:54:47.0637 4352 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] 
SensrSvc C:\Windows\system32\sensrsvc.dll 17:54:47.0653 4352 SensrSvc - ok 17:54:47.0653 4352 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 17:54:47.0669 4352 Serenum - ok 17:54:47.0669 4352 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 17:54:47.0684 4352 Serial - ok 17:54:47.0684 4352 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:54:47.0700 4352 sermouse - ok 17:54:47.0700 4352 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 17:54:47.0731 4352 SessionEnv - ok 17:54:47.0731 4352 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:54:47.0747 4352 sffdisk - ok 17:54:47.0747 4352 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:54:47.0762 4352 sffp_mmc - ok 17:54:47.0762 4352 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:54:47.0778 4352 sffp_sd - ok 17:54:47.0778 4352 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 17:54:47.0793 4352 sfloppy - ok 17:54:47.0793 4352 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:54:47.0825 4352 SharedAccess - ok 17:54:47.0840 4352 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:54:47.0871 4352 ShellHWDetection - ok 17:54:47.0871 4352 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 17:54:47.0871 4352 SiSRaid2 - ok 17:54:47.0887 4352 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:54:47.0887 4352 SiSRaid4 - ok 17:54:47.0903 4352 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:54:47.0918 4352 Smb - ok 17:54:47.0934 4352 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:54:47.0949 4352 SNMPTRAP - ok 17:54:47.0949 4352 
[ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 17:54:47.0949 4352 spldr - ok 17:54:47.0965 4352 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 17:54:47.0981 4352 Spooler - ok 17:54:48.0012 4352 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 17:54:48.0074 4352 sppsvc - ok 17:54:48.0074 4352 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:54:48.0105 4352 sppuinotify - ok 17:54:48.0121 4352 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 17:54:48.0137 4352 srv - ok 17:54:48.0137 4352 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:54:48.0152 4352 srv2 - ok 17:54:48.0152 4352 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:54:48.0168 4352 srvnet - ok 17:54:48.0168 4352 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:54:48.0199 4352 SSDPSRV - ok 17:54:48.0199 4352 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:54:48.0230 4352 SstpSvc - ok 17:54:48.0246 4352 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 17:54:48.0246 4352 STacSV - ok 17:54:48.0261 4352 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys 17:54:48.0261 4352 stdcfltn - ok 17:54:48.0261 4352 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 17:54:48.0277 4352 stexstor - ok 17:54:48.0277 4352 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 17:54:48.0293 4352 STHDA - ok 17:54:48.0308 4352 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 17:54:48.0308 4352 StillCam - ok 17:54:48.0324 4352 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 17:54:48.0339 4352 stisvc - ok 17:54:48.0339 4352 [ 
7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:54:48.0355 4352 storflt - ok 17:54:48.0355 4352 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 17:54:48.0371 4352 StorSvc - ok 17:54:48.0371 4352 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:54:48.0386 4352 storvsc - ok 17:54:48.0386 4352 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:54:48.0386 4352 swenum - ok 17:54:48.0402 4352 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 17:54:48.0433 4352 swprv - ok 17:54:48.0449 4352 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 17:54:48.0480 4352 SysMain - ok 17:54:48.0495 4352 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:54:48.0511 4352 TabletInputService - ok 17:54:48.0511 4352 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:54:48.0542 4352 TapiSrv - ok 17:54:48.0542 4352 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 17:54:48.0573 4352 TBS - ok 17:54:48.0589 4352 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:54:48.0636 4352 Tcpip - ok 17:54:48.0651 4352 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:54:48.0683 4352 TCPIP6 - ok 17:54:48.0683 4352 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:54:48.0714 4352 tcpipreg - ok 17:54:48.0714 4352 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:54:48.0729 4352 TDPIPE - ok 17:54:48.0729 4352 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:54:48.0745 4352 TDTCP - ok 17:54:48.0745 4352 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:54:48.0776 4352 tdx - ok 17:54:48.0776 4352 [ 
561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:54:48.0776 4352 TermDD - ok 17:54:48.0792 4352 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 17:54:48.0823 4352 TermService - ok 17:54:48.0839 4352 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 17:54:48.0839 4352 Themes - ok 17:54:48.0854 4352 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 17:54:48.0870 4352 THREADORDER - ok 17:54:48.0885 4352 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 17:54:48.0917 4352 TrkWks - ok 17:54:48.0917 4352 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:54:48.0948 4352 TrustedInstaller - ok 17:54:48.0948 4352 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:54:48.0979 4352 tssecsrv - ok 17:54:48.0979 4352 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:54:48.0995 4352 TsUsbFlt - ok 17:54:48.0995 4352 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 17:54:48.0995 4352 TsUsbGD - ok 17:54:49.0010 4352 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:54:49.0026 4352 tunnel - ok 17:54:49.0026 4352 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 17:54:49.0041 4352 TurboB - ok 17:54:49.0041 4352 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 17:54:49.0057 4352 TurboBoost - ok 17:54:49.0057 4352 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:54:49.0073 4352 uagp35 - ok 17:54:49.0073 4352 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:54:49.0104 4352 udfs - ok 17:54:49.0104 4352 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:54:49.0119 
4352 UI0Detect - ok 17:54:49.0119 4352 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:54:49.0135 4352 uliagpkx - ok 17:54:49.0135 4352 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:54:49.0151 4352 umbus - ok 17:54:49.0151 4352 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 17:54:49.0166 4352 UmPass - ok 17:54:49.0166 4352 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 17:54:49.0182 4352 UmRdpService - ok 17:54:49.0197 4352 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 17:54:49.0244 4352 UNS - ok 17:54:49.0260 4352 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 17:54:49.0291 4352 upnphost - ok 17:54:49.0291 4352 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:54:49.0307 4352 usbccgp - ok 17:54:49.0307 4352 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:54:49.0322 4352 usbcir - ok 17:54:49.0322 4352 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 17:54:49.0322 4352 usbehci - ok 17:54:49.0338 4352 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:54:49.0353 4352 usbhub - ok 17:54:49.0353 4352 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:54:49.0353 4352 usbohci - ok 17:54:49.0369 4352 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 17:54:49.0369 4352 usbprint - ok 17:54:49.0385 4352 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:54:49.0385 4352 USBSTOR - ok 17:54:49.0400 4352 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 17:54:49.0400 4352 usbuhci - ok 17:54:49.0400 4352 [ 454800C2BC7F3927CE030141EE4F4C50 ] 
17:54:50.0898 4352 ============================================================
17:54:50.0898 4352 Scan finished
17:54:50.0898 4352 ============================================================
17:54:50.0898 11080 Detected object count: 2
17:54:50.0898 11080 Actual detected object count: 2
17:54:59.0259 11080 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:59.0259 11080 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:59.0259 11080 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:59.0259 11080 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip |
23.10.2012, 20:53 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Icredibar in Google Chrome Also unremarkable. Any problems or questions still open? Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
24.10.2012, 20:13 | #15 |
| Icredibar in Google Chrome Malware log file Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.24.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alexander Bär :: ALEXPC2 [Administrator]

Schutz: Aktiviert

24.10.2012 20:31:45
mbam-log-2012-10-24 (20-31-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 323194
Laufzeit: 11 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Alexander Bär\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MSNT6UQR\WORLD_21_target_5830[1].exe (PUP.Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander Bär\AppData\Local\Opera\Opera\cache\g_006B\opr00ANY.tmp (PUP.BundleInstaller.SOL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alexander Bär\Downloads\dvd shrink.exe (PUP.BundleInstaller.SOL) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

SuperAntiSpyware log file Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/24/2012 at 09:04 PM

Application Version : 5.6.1012

Core Rules Database Version : 9466
Trace Rules Database Version: 7278

Scan type : Quick Scan
Total Scan Time : 00:02:25

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 800
Memory threats detected : 0
Registry items scanned : 60402
Registry threats detected : 28
File items scanned : 10784
File threats detected : 281

Adware.Yontoo

Adware.Tracking Cookie
BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] server.adform.net [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] server.adform.net [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] www.usenext.de [ 
C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] statse.webtrendslive.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad2.adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .quartermedia.de [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .quartermedia.de [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad3.adfarm1.adition.com [ C:\USERS\ALEXANDER 
BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\ALEXANDER BäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RLGQ0F03.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] in.getclicky.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.googleadservices.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] statse.webtrendslive.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\ALEXANDER BäR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] |