| |
| |||||||
Log-Analyse und Auswertung: Security Sphere 2012 - Immer noch Fehler nach Entfernung!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.11.2011, 12:11
| #1 |
 |  Security Sphere 2012 - Immer noch Fehler nach Entfernung! Guten Tag, ich habe mir kürzlich Security Sphere eingefangen, konnte aber dank der super Anleitung hier im Board die Symptome schnell entfernen. Allerdings bleiben noch einige wichtige Fragen offen. Die wichtigste natürlich: 1.) Ist mein System jetzt komplett sauber? (Logfiles hierzu im Anhang) Wird evtl. noch was benötigt? Update:Ich sollte hier vielleicht noch erwähnen, dass Windows vor dem Herunterfahren immer meldet, dass noch Programme im Hintergrund aktiv sind, obwohl ich alles beendet habe. Es wird auch nichts bestimmtes genannt, aber ich muss das Herunterfahren immer erzwingen. 2.) Desweiteren würde mich interessieren, warum nach dem Entfernungsvorgang meine zweite Festplatte nicht mehr angezeigt wurde (auch nicht in der Datenträgerverwaltung) und auch nicht mehr zugänglich war. Erst nachdem ich gerade nochmal einen aktualisierten (hundertsten) Quickscan mit Malwarebytes durchgeführt habe (wurde nichts gefunden) war nach dem Reboot alles wieder so wie vorher. Mich interessiert das nur, weil ich sichergehen möchte, dass da in Zukunft in der Richtung nichts mehr auf mich zukommt oder zurückfällt. Update: Nachdem ich den PC gerade eben nochmal neugestartet habe ist die Festplatte wieder verschwunden. Auch alle Desktopverknüpfungen, die zu der Festplatte führen zeigen das Windows-Default Icon, was ja wohl heißt, dass sie nicht auf das eigentliche Icon auf der Festplatte zugreifen können. 3.) Einige Ordner auf der primären Festplatte sind mit einem Schlosse versehen (lassen sich nicht öffnen). Wurde das von dem Virus oder von einem der Beseitigungsprogramme verursacht und wie kann ich das entfernen? - Screenshot im Anhang - 4.) Nach dem Entfernen hat Malwarebytes und rechts an der Taskleiste öfters eine Meldung hervorgebracht, dass eine schädliche Website erfolgreich geblockt wurde. Nach mehreren Scans ohne Funde ist die Meldung allerdings verschwunden, aber alleine durchs Scannen wird doch nichts entfernt, oder? 5.) Anscheinend werden keine von mir vorgenommenen Einstellungen mehr gespeichert, insbesondere was Firefox angeht. Das Programm ist nach jedem Neustart wieder unten an der Taskleiste angeheftet, obwohl ich es jedes mal von dort entferne und bei jedem Start werde ich immer wieder gefragt, ob ich Firefox als Standardbrowser festlegen möchte. Da scheint also auch noch irgendwas nicht zu stimmen. Könnte das vielleicht was mit der neuen Hosts Datei zu tun haben? 6.) Zum Abschluss eine einfache Nachhaltigkeitsfrage: Ich habe mein System bis jetzt immer nur mit AntiVir geschützt. Was empfehlen denn die Profis hier um solche Zwischenfälle in Zukunft besser vermeiden zu können? Geändert von El_Chuck (06.11.2011 um 12:19 Uhr) |
|
07.11.2011, 11:21
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | Security Sphere 2012 - Immer noch Fehler nach Entfernung!Zitat:
Zitat:
Der Virenscanner - egal welcher - kann und wird niemals 100% Schutz bieten können. Neue/unbekannte Schädlinge können immer durch die Lappen gehen. Bleib bei dem Scanner oder nimm Microsoft Security Essentials. Abgesehen davon nutzen verschiedene Virenscanner unterschiedliche Signaturen und Techniken, das führt dazu, dass zB Scanner1 Schädling X entdeckt, aber Schädling Y übersieht. Scanner2 erkennt Schädling Y, dafür aber Schädling X nicht... Wichtiger ist, dass du dich an Regeln hälst. Der beste Virenscanner bringt nichts, wenn du dich falsch verhälst und fahrlässig/unvorsichtig bist. Airbag und Sicherheitsgurt im Auto sind ja auch keine Gründe dafür auf die Verkehrsregeln zu pfeifen. Halte Dich am besten grob an diese Regeln:
Alles noch genauer erklärt steht hier => Kompromittierung unvermeidbar? Führ bitte auch ESET aus, danach sehen wir weiter: ESET Online Scanner
__________________ |
|
07.11.2011, 13:51
| #3 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung! ESETSmartInstaller@High as downloader log:
__________________all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=30681a09a98fe9408f0273733e0b969e # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-07 12:43:46 # local_time=2011-11-07 01:43:46 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=1797 16775145 100 94 149866 57204891 172385 0 # compatibility_mode=5893 16776573 100 94 4326 72297920 0 0 # compatibility_mode=8192 67108863 100 0 3811 3811 0 0 # scanned=157667 # found=6 # cleaned=0 # scan_time=1756 C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\237a7000-3ec41f4d multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\338e794b-1b558cb2 Java/Exploit.Agent.NAO trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5b0c76db-5e9c25b2 multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3e966d9c multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\14a81db9-35eb6f23 multiple threats (unable to clean) 00000000000000000000000000000000 I C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\352c843c-4bbf82c8 Java/TrojanDownloader.OpenStream.NBL trojan (unable to clean) 00000000000000000000000000000000 I |
|
07.11.2011, 13:56
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
MOD - C:\Users\Start\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll ()
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://online.attc.de/wissen/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FD C1 9D 02 77 4C CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62485
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{173d214b-5a0c-11e0-8a94-1c6f6537e902}\Shell - "" = AutoRun
O33 - MountPoints2\{173d214b-5a0c-11e0-8a94-1c6f6537e902}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{64d97fa5-17e5-11e0-b554-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{64d97fa5-17e5-11e0-b554-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O33 - MountPoints2\{c863f340-ca98-11e0-946e-1c6f6537e902}\Shell - "" = AutoRun
O33 - MountPoints2\{c863f340-ca98-11e0-946e-1c6f6537e902}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
[2011.11.05 23:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\lE10500MfDmN10500
[2011.11.05 23:24:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2011.11.05 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\Start\AppData\Roaming\5CD88
:Files
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.11.2011, 14:18
| #5 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung!Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{173d214b-5a0c-11e0-8a94-1c6f6537e902}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{173d214b-5a0c-11e0-8a94-1c6f6537e902}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{173d214b-5a0c-11e0-8a94-1c6f6537e902}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{173d214b-5a0c-11e0-8a94-1c6f6537e902}\ not found.
File F:\LGAutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64d97fa5-17e5-11e0-b554-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64d97fa5-17e5-11e0-b554-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64d97fa5-17e5-11e0-b554-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64d97fa5-17e5-11e0-b554-806e6f6e6963}\ not found.
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c863f340-ca98-11e0-946e-1c6f6537e902}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c863f340-ca98-11e0-946e-1c6f6537e902}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c863f340-ca98-11e0-946e-1c6f6537e902}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c863f340-ca98-11e0-946e-1c6f6537e902}\ not found.
File F:\LaunchU3.exe -a not found.
Folder C:\ProgramData\lE10500MfDmN10500\ not found.
C:\Program Files (x86)\LP\9025 folder moved successfully.
C:\Program Files (x86)\LP folder moved successfully.
C:\Users\Start\AppData\Roaming\5CD88 folder moved successfully.
========== FILES ==========
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Start
->Temp folder emptied: 3544299722 bytes
->Temporary Internet Files folder emptied: 4682526 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 256712218 bytes
->Flash cache emptied: 23049 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 183405268 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes
RecycleBin emptied: 2322184 bytes
Total Files Cleaned = 3.807,00 mb
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 11072011_141437
Files\Folders moved on Reboot...
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
C:\Users\Start\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
|
|
07.11.2011, 14:37
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ --> Security Sphere 2012 - Immer noch Fehler nach Entfernung! |
|
07.11.2011, 17:26
| #7 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung!Code:
ATTFilter 17:22:30.0923 5064 TDSS rootkit removing tool 2.6.16.0 Nov 7 2011 16:26:51
17:22:31.0016 5064 ============================================================
17:22:31.0016 5064 Current date / time: 2011/11/07 17:22:31.0016
17:22:31.0016 5064 SystemInfo:
17:22:31.0016 5064
17:22:31.0016 5064 OS Version: 6.1.7600 ServicePack: 0.0
17:22:31.0016 5064 Product type: Workstation
17:22:31.0016 5064 ComputerName: START-PC
17:22:31.0016 5064 UserName: Start
17:22:31.0016 5064 Windows directory: C:\Windows
17:22:31.0016 5064 System windows directory: C:\Windows
17:22:31.0016 5064 Running under WOW64
17:22:31.0016 5064 Processor architecture: Intel x64
17:22:31.0016 5064 Number of processors: 6
17:22:31.0016 5064 Page size: 0x1000
17:22:31.0016 5064 Boot type: Normal boot
17:22:31.0016 5064 ============================================================
17:22:31.0097 5064 Initialize success
17:23:44.0421 3148 ============================================================
17:23:44.0421 3148 Scan started
17:23:44.0421 3148 Mode: Manual; SigCheck; TDLFS;
17:23:44.0421 3148 ============================================================
17:23:44.0565 3148 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
17:23:44.0600 3148 1394ohci - ok
17:23:44.0610 3148 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
17:23:44.0621 3148 ACPI - ok
17:23:44.0628 3148 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
17:23:44.0647 3148 AcpiPmi - ok
17:23:44.0659 3148 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:23:44.0676 3148 adp94xx - ok
17:23:44.0688 3148 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:23:44.0702 3148 adpahci - ok
17:23:44.0711 3148 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:23:44.0722 3148 adpu320 - ok
17:23:44.0738 3148 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
17:23:44.0759 3148 AFD - ok
17:23:44.0767 3148 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
17:23:44.0777 3148 agp440 - ok
17:23:44.0786 3148 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
17:23:44.0793 3148 aliide - ok
17:23:44.0800 3148 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
17:23:44.0808 3148 amdide - ok
17:23:44.0817 3148 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:23:44.0829 3148 AmdK8 - ok
17:23:44.0837 3148 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:23:44.0845 3148 AmdPPM - ok
17:23:44.0853 3148 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
17:23:44.0863 3148 amdsata - ok
17:23:44.0872 3148 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:23:44.0883 3148 amdsbs - ok
17:23:44.0891 3148 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
17:23:44.0896 3148 amdxata - ok
17:23:44.0908 3148 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
17:23:44.0934 3148 AppID - ok
17:23:44.0947 3148 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:23:44.0957 3148 arc - ok
17:23:44.0965 3148 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:23:44.0975 3148 arcsas - ok
17:23:44.0989 3148 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:23:45.0041 3148 AsyncMac - ok
17:23:45.0048 3148 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
17:23:45.0054 3148 atapi - ok
17:23:45.0061 3148 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
17:23:45.0084 3148 AtiPcie - ok
17:23:45.0096 3148 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
17:23:45.0101 3148 avgntflt - ok
17:23:45.0109 3148 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
17:23:45.0119 3148 avipbb - ok
17:23:45.0133 3148 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:23:45.0151 3148 b06bdrv - ok
17:23:45.0161 3148 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:23:45.0176 3148 b57nd60a - ok
17:23:45.0187 3148 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:23:45.0211 3148 Beep - ok
17:23:45.0222 3148 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:23:45.0232 3148 blbdrive - ok
17:23:45.0243 3148 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
17:23:45.0252 3148 bowser - ok
17:23:45.0259 3148 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:23:45.0269 3148 BrFiltLo - ok
17:23:45.0276 3148 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:23:45.0286 3148 BrFiltUp - ok
17:23:45.0297 3148 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:23:45.0314 3148 Brserid - ok
17:23:45.0321 3148 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:23:45.0334 3148 BrSerWdm - ok
17:23:45.0341 3148 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:23:45.0352 3148 BrUsbMdm - ok
17:23:45.0359 3148 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:23:45.0368 3148 BrUsbSer - ok
17:23:45.0376 3148 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:23:45.0389 3148 BTHMODEM - ok
17:23:45.0400 3148 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:23:45.0427 3148 cdfs - ok
17:23:45.0437 3148 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
17:23:45.0450 3148 cdrom - ok
17:23:45.0459 3148 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:23:45.0472 3148 circlass - ok
17:23:45.0483 3148 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:23:45.0493 3148 CLFS - ok
17:23:45.0507 3148 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:23:45.0517 3148 CmBatt - ok
17:23:45.0524 3148 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
17:23:45.0532 3148 cmdide - ok
17:23:45.0550 3148 cmudaxp (6060489679f0321c2ca492e16aa405b2) C:\Windows\system32\drivers\cmudaxp.sys
17:23:45.0580 3148 cmudaxp - ok
17:23:45.0593 3148 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
17:23:45.0609 3148 CNG - ok
17:23:45.0616 3148 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:23:45.0622 3148 Compbatt - ok
17:23:45.0629 3148 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:23:45.0642 3148 CompositeBus - ok
17:23:45.0645 3148 cpuz133 - ok
17:23:45.0654 3148 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:23:45.0662 3148 crcdisk - ok
17:23:45.0680 3148 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
17:23:45.0688 3148 DfsC - ok
17:23:45.0696 3148 dgderdrv - ok
17:23:45.0706 3148 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:23:45.0731 3148 discache - ok
17:23:45.0739 3148 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:23:45.0745 3148 Disk - ok
17:23:45.0757 3148 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:23:45.0767 3148 drmkaud - ok
17:23:45.0786 3148 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
17:23:45.0812 3148 DXGKrnl - ok
17:23:45.0821 3148 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
17:23:45.0833 3148 E1G60 - ok
17:23:45.0879 3148 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:23:45.0934 3148 ebdrv - ok
17:23:45.0953 3148 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:23:45.0970 3148 elxstor - ok
17:23:45.0978 3148 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
17:23:45.0987 3148 ErrDev - ok
17:23:46.0001 3148 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:23:46.0029 3148 exfat - ok
17:23:46.0038 3148 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:23:46.0066 3148 fastfat - ok
17:23:46.0075 3148 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:23:46.0085 3148 fdc - ok
17:23:46.0096 3148 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:23:46.0102 3148 FileInfo - ok
17:23:46.0110 3148 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:23:46.0135 3148 Filetrace - ok
17:23:46.0142 3148 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:23:46.0152 3148 flpydisk - ok
17:23:46.0162 3148 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
17:23:46.0172 3148 FltMgr - ok
17:23:46.0182 3148 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:23:46.0192 3148 FsDepends - ok
17:23:46.0200 3148 fssfltr (2bf3b36b96d015af666b6aa63ae2e38f) C:\Windows\system32\DRIVERS\fssfltr.sys
17:23:46.0209 3148 fssfltr - ok
17:23:46.0218 3148 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:23:46.0226 3148 Fs_Rec - ok
17:23:46.0236 3148 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:23:46.0246 3148 fvevol - ok
17:23:46.0254 3148 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:23:46.0263 3148 gagp30kx - ok
17:23:46.0271 3148 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:23:46.0278 3148 GEARAspiWDM - ok
17:23:46.0290 3148 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:23:46.0301 3148 hcw85cir - ok
17:23:46.0312 3148 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
17:23:46.0330 3148 HdAudAddService - ok
17:23:46.0339 3148 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:23:46.0352 3148 HDAudBus - ok
17:23:46.0359 3148 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:23:46.0368 3148 HidBatt - ok
17:23:46.0376 3148 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:23:46.0391 3148 HidBth - ok
17:23:46.0399 3148 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:23:46.0411 3148 HidIr - ok
17:23:46.0421 3148 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
17:23:46.0431 3148 HidUsb - ok
17:23:46.0444 3148 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
17:23:46.0454 3148 HpSAMD - ok
17:23:46.0470 3148 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
17:23:46.0511 3148 HTTP - ok
17:23:46.0519 3148 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
17:23:46.0524 3148 hwpolicy - ok
17:23:46.0532 3148 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:23:46.0544 3148 i8042prt - ok
17:23:46.0555 3148 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
17:23:46.0570 3148 iaStorV - ok
17:23:46.0581 3148 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:23:46.0590 3148 iirsp - ok
17:23:46.0600 3148 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
17:23:46.0608 3148 intelide - ok
17:23:46.0616 3148 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:23:46.0628 3148 intelppm - ok
17:23:46.0638 3148 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:23:46.0666 3148 IpFilterDriver - ok
17:23:46.0675 3148 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:23:46.0687 3148 IPMIDRV - ok
17:23:46.0695 3148 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:23:46.0722 3148 IPNAT - ok
17:23:46.0731 3148 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:23:46.0749 3148 IRENUM - ok
17:23:46.0757 3148 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
17:23:46.0765 3148 isapnp - ok
17:23:46.0774 3148 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
17:23:46.0787 3148 iScsiPrt - ok
17:23:46.0795 3148 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:23:46.0805 3148 kbdclass - ok
17:23:46.0813 3148 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
17:23:46.0822 3148 kbdhid - ok
17:23:46.0832 3148 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
17:23:46.0839 3148 KSecDD - ok
17:23:46.0847 3148 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
17:23:46.0854 3148 KSecPkg - ok
17:23:46.0862 3148 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:23:46.0887 3148 ksthunk - ok
17:23:46.0901 3148 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:23:46.0927 3148 lltdio - ok
17:23:46.0940 3148 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:23:46.0951 3148 LSI_FC - ok
17:23:46.0959 3148 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:23:46.0969 3148 LSI_SAS - ok
17:23:46.0977 3148 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:23:46.0987 3148 LSI_SAS2 - ok
17:23:46.0996 3148 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:23:47.0007 3148 LSI_SCSI - ok
17:23:47.0016 3148 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:23:47.0040 3148 luafv - ok
17:23:47.0050 3148 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
17:23:47.0056 3148 MBAMProtector - ok
17:23:47.0067 3148 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:23:47.0075 3148 megasas - ok
17:23:47.0085 3148 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:23:47.0098 3148 MegaSR - ok
17:23:47.0107 3148 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:23:47.0132 3148 Modem - ok
17:23:47.0139 3148 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:23:47.0149 3148 monitor - ok
17:23:47.0156 3148 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:23:47.0166 3148 mouclass - ok
17:23:47.0174 3148 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:23:47.0184 3148 mouhid - ok
17:23:47.0192 3148 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
17:23:47.0198 3148 mountmgr - ok
17:23:47.0207 3148 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
17:23:47.0220 3148 mpio - ok
17:23:47.0228 3148 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:23:47.0254 3148 mpsdrv - ok
17:23:47.0264 3148 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
17:23:47.0279 3148 MRxDAV - ok
17:23:47.0287 3148 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:23:47.0296 3148 mrxsmb - ok
17:23:47.0306 3148 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:23:47.0316 3148 mrxsmb10 - ok
17:23:47.0325 3148 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:23:47.0333 3148 mrxsmb20 - ok
17:23:47.0340 3148 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
17:23:47.0346 3148 msahci - ok
17:23:47.0355 3148 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
17:23:47.0366 3148 msdsm - ok
17:23:47.0378 3148 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:23:47.0400 3148 Msfs - ok
17:23:47.0408 3148 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:23:47.0432 3148 mshidkmdf - ok
17:23:47.0439 3148 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
17:23:47.0444 3148 msisadrv - ok
17:23:47.0455 3148 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:23:47.0480 3148 MSKSSRV - ok
17:23:47.0487 3148 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:23:47.0511 3148 MSPCLOCK - ok
17:23:47.0519 3148 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:23:47.0542 3148 MSPQM - ok
17:23:47.0553 3148 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
17:23:47.0564 3148 MsRPC - ok
17:23:47.0573 3148 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:23:47.0579 3148 mssmbios - ok
17:23:47.0586 3148 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:23:47.0609 3148 MSTEE - ok
17:23:47.0617 3148 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:23:47.0626 3148 MTConfig - ok
17:23:47.0634 3148 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:23:47.0640 3148 Mup - ok
17:23:47.0651 3148 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:23:47.0669 3148 NativeWifiP - ok
17:23:47.0688 3148 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
17:23:47.0708 3148 NDIS - ok
17:23:47.0716 3148 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:23:47.0741 3148 NdisCap - ok
17:23:47.0749 3148 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:23:47.0774 3148 NdisTapi - ok
17:23:47.0781 3148 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
17:23:47.0806 3148 Ndisuio - ok
17:23:47.0815 3148 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:23:47.0844 3148 NdisWan - ok
17:23:47.0852 3148 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
17:23:47.0878 3148 NDProxy - ok
17:23:47.0886 3148 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:23:47.0908 3148 NetBIOS - ok
17:23:47.0919 3148 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
17:23:47.0950 3148 NetBT - ok
17:23:47.0969 3148 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:23:47.0978 3148 nfrd960 - ok
17:23:47.0990 3148 nmwcd (903681bab213d5f84717c0fc42afb28a) C:\Windows\system32\drivers\ccdcmbx64.sys
17:23:48.0010 3148 nmwcd - ok
17:23:48.0018 3148 nmwcdc (ec4c5ebd003e0395bf4ea5a2efd13ce6) C:\Windows\system32\drivers\ccdcmbox64.sys
17:23:48.0036 3148 nmwcdc - ok
17:23:48.0044 3148 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:23:48.0068 3148 Npfs - ok
17:23:48.0077 3148 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:23:48.0102 3148 nsiproxy - ok
17:23:48.0130 3148 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
17:23:48.0162 3148 Ntfs - ok
17:23:48.0171 3148 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:23:48.0195 3148 Null - ok
17:23:48.0203 3148 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:23:48.0212 3148 nusb3hub - ok
17:23:48.0222 3148 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:23:48.0233 3148 nusb3xhc - ok
17:23:48.0242 3148 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
17:23:48.0253 3148 NVHDA - ok
17:23:48.0388 3148 nvlddmkm (aa043614b7f65eaf7fa83068286d5981) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:23:48.0588 3148 nvlddmkm - ok
17:23:48.0599 3148 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
17:23:48.0610 3148 nvraid - ok
17:23:48.0619 3148 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
17:23:48.0630 3148 nvstor - ok
17:23:48.0642 3148 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:23:48.0653 3148 nv_agp - ok
17:23:48.0661 3148 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:23:48.0673 3148 ohci1394 - ok
17:23:48.0687 3148 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:23:48.0698 3148 Parport - ok
17:23:48.0707 3148 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
17:23:48.0713 3148 partmgr - ok
17:23:48.0724 3148 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:23:48.0733 3148 pci - ok
17:23:48.0740 3148 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:23:48.0746 3148 pciide - ok
17:23:48.0755 3148 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:23:48.0767 3148 pcmcia - ok
17:23:48.0775 3148 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:23:48.0782 3148 pcw - ok
17:23:48.0796 3148 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:23:48.0835 3148 PEAUTH - ok
17:23:48.0863 3148 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:23:48.0890 3148 PptpMiniport - ok
17:23:48.0898 3148 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:23:48.0910 3148 Processor - ok
17:23:48.0922 3148 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:23:52.0841 3148 Psched - ok
17:23:52.0864 3148 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:23:52.0896 3148 ql2300 - ok
17:23:52.0905 3148 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:23:52.0917 3148 ql40xx - ok
17:23:52.0926 3148 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:23:52.0939 3148 QWAVEdrv - ok
17:23:52.0947 3148 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:23:52.0971 3148 RasAcd - ok
17:23:52.0979 3148 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:23:53.0004 3148 RasAgileVpn - ok
17:23:53.0014 3148 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:23:53.0042 3148 Rasl2tp - ok
17:23:53.0052 3148 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:23:53.0079 3148 RasPppoe - ok
17:23:53.0087 3148 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:23:53.0114 3148 RasSstp - ok
17:23:53.0125 3148 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
17:23:53.0151 3148 rdbss - ok
17:23:53.0159 3148 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:23:53.0170 3148 rdpbus - ok
17:23:53.0177 3148 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:23:53.0202 3148 RDPCDD - ok
17:23:53.0211 3148 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:23:53.0235 3148 RDPENCDD - ok
17:23:53.0244 3148 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:23:53.0294 3148 RDPREFMP - ok
17:23:53.0304 3148 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
17:23:53.0332 3148 RDPWD - ok
17:23:53.0342 3148 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
17:23:53.0351 3148 rdyboost - ok
17:23:53.0367 3148 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:23:53.0392 3148 rspndr - ok
17:23:53.0402 3148 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:23:53.0423 3148 RTL8167 - ok
17:23:53.0433 3148 SaiH0BAC (231a3700154b1a49c2f05cb0da4b2747) C:\Windows\system32\DRIVERS\SaiH0BAC.sys
17:23:53.0443 3148 SaiH0BAC - ok
17:23:53.0450 3148 SaiMini (10b72224b9849db47ce5ffd0fc872275) C:\Windows\system32\DRIVERS\SaiMini.sys
17:23:53.0458 3148 SaiMini - ok
17:23:53.0466 3148 SaiNtBus (6187d4e2d8abf14c20bc8a3dd35d7e80) C:\Windows\system32\drivers\SaiBus.sys
17:23:53.0475 3148 SaiNtBus - ok
17:23:53.0485 3148 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
17:23:53.0495 3148 sbp2port - ok
17:23:53.0504 3148 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
17:23:53.0530 3148 scfilter - ok
17:23:53.0544 3148 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:23:53.0569 3148 secdrv - ok
17:23:53.0581 3148 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:23:53.0590 3148 Serenum - ok
17:23:53.0599 3148 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:23:53.0610 3148 Serial - ok
17:23:53.0618 3148 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:23:53.0627 3148 sermouse - ok
17:23:53.0641 3148 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:23:53.0650 3148 sffdisk - ok
17:23:53.0657 3148 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:23:53.0666 3148 sffp_mmc - ok
17:23:53.0674 3148 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:23:53.0682 3148 sffp_sd - ok
17:23:53.0689 3148 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:23:53.0698 3148 sfloppy - ok
17:23:53.0713 3148 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:23:53.0733 3148 Sftfs - ok
17:23:53.0745 3148 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:23:53.0756 3148 Sftplay - ok
17:23:53.0765 3148 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:23:53.0769 3148 Sftredir - ok
17:23:53.0777 3148 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:23:53.0784 3148 Sftvol - ok
17:23:53.0796 3148 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:23:53.0805 3148 SiSRaid2 - ok
17:23:53.0813 3148 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:23:53.0823 3148 SiSRaid4 - ok
17:23:53.0831 3148 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:23:53.0858 3148 Smb - ok
17:23:53.0870 3148 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:23:53.0876 3148 spldr - ok
17:23:53.0893 3148 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
17:23:53.0906 3148 srv - ok
17:23:53.0918 3148 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
17:23:53.0929 3148 srv2 - ok
17:23:53.0939 3148 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
17:23:53.0947 3148 srvnet - ok
17:23:53.0956 3148 sscebus (f74634f46692c8315e7f37f698af3225) C:\Windows\system32\DRIVERS\sscebus.sys
17:23:53.0965 3148 sscebus - ok
17:23:53.0972 3148 sscemdfl (82732b391efd69b0548044be9cb37bfc) C:\Windows\system32\DRIVERS\sscemdfl.sys
17:23:53.0979 3148 sscemdfl - ok
17:23:53.0988 3148 sscemdm (43d56ace4469d90f9790e8352d87d9b5) C:\Windows\system32\DRIVERS\sscemdm.sys
17:23:53.0997 3148 sscemdm - ok
17:23:54.0007 3148 ssceserd (db504ef6d73f6b8ab5cf8a18560c4e2a) C:\Windows\system32\DRIVERS\ssceserd.sys
17:23:54.0016 3148 ssceserd - ok
17:23:54.0029 3148 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:23:54.0037 3148 stexstor - ok
17:23:54.0046 3148 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:23:54.0054 3148 swenum - ok
17:23:54.0088 3148 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
17:23:54.0120 3148 Tcpip - ok
17:23:54.0146 3148 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
17:23:54.0170 3148 TCPIP6 - ok
17:23:54.0180 3148 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
17:23:54.0205 3148 tcpipreg - ok
17:23:54.0214 3148 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:23:54.0239 3148 TDPIPE - ok
17:23:54.0246 3148 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:23:54.0271 3148 TDTCP - ok
17:23:54.0279 3148 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
17:23:54.0306 3148 tdx - ok
17:23:54.0314 3148 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
17:23:54.0324 3148 TermDD - ok
17:23:54.0334 3148 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
17:23:54.0341 3148 TFsExDisk - ok
17:23:54.0356 3148 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:23:54.0381 3148 tssecsrv - ok
17:23:54.0390 3148 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
17:23:54.0418 3148 tunnel - ok
17:23:54.0426 3148 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:23:54.0435 3148 uagp35 - ok
17:23:54.0446 3148 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
17:23:54.0471 3148 udfs - ok
17:23:54.0485 3148 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
17:23:54.0494 3148 uliagpkx - ok
17:23:54.0503 3148 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
17:23:54.0514 3148 umbus - ok
17:23:54.0521 3148 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:23:54.0530 3148 UmPass - ok
17:23:54.0540 3148 upperdev (7168819f30fe9622284ea19bde7f8ab4) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
17:23:54.0557 3148 upperdev - ok
17:23:54.0565 3148 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
17:23:54.0577 3148 usbccgp - ok
17:23:54.0585 3148 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
17:23:54.0600 3148 usbcir - ok
17:23:54.0608 3148 usbehci (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys
17:23:54.0618 3148 usbehci - ok
17:23:54.0626 3148 usbfilter (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
17:23:54.0633 3148 usbfilter - ok
17:23:54.0645 3148 usbhub (372a91bc3c6603080a793880b0873785) C:\Windows\system32\DRIVERS\usbhub.sys
17:23:54.0662 3148 usbhub - ok
17:23:54.0669 3148 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
17:23:54.0678 3148 usbohci - ok
17:23:54.0686 3148 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:23:54.0697 3148 usbprint - ok
17:23:54.0705 3148 UsbserFilt (66c25cb20b2974e0c0cfdab49fb72a02) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
17:23:54.0721 3148 UsbserFilt - ok
17:23:54.0729 3148 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:23:54.0736 3148 USBSTOR - ok
17:23:54.0744 3148 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:23:54.0753 3148 usbuhci - ok
17:23:54.0764 3148 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
17:23:54.0770 3148 vdrvroot - ok
17:23:54.0780 3148 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:23:54.0791 3148 vga - ok
17:23:54.0799 3148 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:23:54.0823 3148 VgaSave - ok
17:23:54.0832 3148 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
17:23:54.0845 3148 vhdmp - ok
17:23:54.0853 3148 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
17:23:54.0860 3148 viaide - ok
17:23:54.0869 3148 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
17:23:54.0875 3148 volmgr - ok
17:23:54.0886 3148 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
17:23:54.0896 3148 volmgrx - ok
17:23:54.0907 3148 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
17:23:54.0917 3148 volsnap - ok
17:23:54.0926 3148 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:23:54.0937 3148 vsmraid - ok
17:23:54.0947 3148 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:23:54.0958 3148 vwifibus - ok
17:23:54.0968 3148 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:23:54.0978 3148 WacomPen - ok
17:23:54.0987 3148 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:23:55.0013 3148 WANARP - ok
17:23:55.0017 3148 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:23:55.0038 3148 Wanarpv6 - ok
17:23:55.0052 3148 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:23:55.0060 3148 Wd - ok
17:23:55.0075 3148 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:23:55.0091 3148 Wdf01000 - ok
17:23:55.0108 3148 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:23:55.0131 3148 WfpLwf - ok
17:23:55.0139 3148 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:23:55.0147 3148 WIMMount - ok
17:23:55.0168 3148 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
17:23:55.0180 3148 WinUsb - ok
17:23:55.0191 3148 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:23:55.0199 3148 WmiAcpi - ok
17:23:55.0214 3148 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:23:55.0238 3148 ws2ifsl - ok
17:23:55.0253 3148 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
17:23:55.0280 3148 WudfPf - ok
17:23:55.0289 3148 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:23:55.0316 3148 WUDFRd - ok
17:23:55.0330 3148 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
17:23:55.0341 3148 xusb21 - ok
17:23:55.0344 3148 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:23:55.0366 3148 \Device\Harddisk0\DR0 - ok
17:23:55.0369 3148 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
17:23:55.0430 3148 \Device\Harddisk1\DR1 - ok
17:23:55.0432 3148 Boot (0x1200) (4dfe591110e894a8e39aa68d951bd56a) \Device\Harddisk0\DR0\Partition0
17:23:55.0433 3148 \Device\Harddisk0\DR0\Partition0 - ok
17:23:55.0435 3148 Boot (0x1200) (bffc3afe980d697ab9e0666fa47cfb7f) \Device\Harddisk1\DR1\Partition0
17:23:55.0436 3148 \Device\Harddisk1\DR1\Partition0 - ok
17:23:55.0437 3148 ============================================================
17:23:55.0437 3148 Scan finished
17:23:55.0437 3148 ============================================================
17:23:55.0444 2780 Detected object count: 0
17:23:55.0444 2780 Actual detected object count: 0
|
|
07.11.2011, 18:52
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.11.2011, 21:25
| #9 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung!Code:
ATTFilter ComboFix 11-11-07.03 - Start 07.11.2011 20:15:45.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.4093.2642 [GMT 1:00]
ausgeführt von:: c:\users\Start\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Uninstall.exe
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\avrt.dll
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\mfplat.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-10-07 bis 2011-11-07 ))))))))))))))))))))))))))))))
.
.
2011-11-07 19:53 . 2011-11-07 19:53 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFE54F21-1559-416A-9FA7-B11904862483}\offreg.dll
2011-11-07 19:49 . 2011-11-07 19:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-07 19:49 . 2011-11-07 19:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-07 13:14 . 2011-11-07 13:14 -------- d-----w- C:\_OTL
2011-11-07 12:10 . 2011-11-07 12:10 -------- d-----w- c:\program files (x86)\ESET
2011-11-06 09:47 . 2011-11-06 09:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-05 23:00 . 2011-11-05 23:00 -------- d-----w- c:\users\Start\AppData\Roaming\Malwarebytes
2011-11-05 23:00 . 2011-11-05 23:00 -------- d-----w- c:\programdata\Malwarebytes
2011-11-05 23:00 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 22:24 . 2011-11-05 23:09 -------- d-----w- c:\programdata\lE10500MfDmN10500
2011-11-04 10:25 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFE54F21-1559-416A-9FA7-B11904862483}\mpengine.dll
2011-10-11 14:33 . 2011-10-11 14:34 -------- d-----w- c:\users\Start\AppData\Roaming\SkyTestFQ1
2011-10-11 14:32 . 2011-10-11 14:34 -------- d-----w- c:\program files (x86)\ToPilotsFQ
2011-10-11 14:32 . 2011-10-11 14:32 -------- d-----w- c:\windows\ToPilots FQ Software
2011-10-09 13:40 . 2011-10-09 13:40 -------- d-----w- c:\users\Start\AppData\Roaming\dvdcss
2011-10-09 13:36 . 2011-10-09 13:36 -------- d-----w- c:\users\Start\AppData\Roaming\Canneverbe Limited
2011-10-09 13:36 . 2011-10-09 13:36 -------- d-----w- c:\programdata\Canneverbe Limited
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-09 18:54 . 2011-05-15 18:38 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-09 18:54 . 2011-01-04 11:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-09 18:50 . 2011-01-04 11:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-01 10:35 . 2011-01-04 11:18 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-22 22:41 . 2011-10-01 09:03 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-09-22 22:41 . 2011-10-01 09:02 7580992 ----a-w- c:\windows\system32\nvcuda.dll
2011-09-22 22:41 . 2011-10-01 09:02 68928 ----a-w- c:\windows\system32\OpenCL.dll
2011-09-22 22:41 . 2011-10-01 09:02 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-09-22 22:41 . 2011-10-01 09:02 5576000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-09-22 22:41 . 2011-10-01 09:02 2542912 ----a-w- c:\windows\system32\nvcuvid.dll
2011-09-22 22:41 . 2011-10-01 09:02 24796480 ----a-w- c:\windows\system32\nvcompiler.dll
2011-09-22 22:41 . 2011-10-01 09:02 24743232 ----a-w- c:\windows\system32\nvoglv64.dll
2011-09-22 22:41 . 2011-10-01 09:02 2401088 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-09-22 22:41 . 2011-10-01 09:02 2232128 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-09-22 22:41 . 2011-10-01 09:02 2099520 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-09-22 22:41 . 2011-10-01 09:02 18870592 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-09-22 22:41 . 2011-10-01 09:02 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-09-22 22:41 . 2011-10-01 09:02 15688512 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-09-22 22:41 . 2011-10-01 09:02 1533248 ----a-w- c:\windows\system32\nvdispco64.dll
2011-09-22 22:41 . 2011-10-01 09:02 1454400 ----a-w- c:\windows\system32\nvgenco64.dll
2011-09-22 22:41 . 2011-10-01 09:02 12961088 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-09-22 22:41 . 2010-12-28 18:52 8930624 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-09-22 22:41 . 2010-12-28 18:52 7183168 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-09-22 22:41 . 2010-12-28 18:52 2808640 ----a-w- c:\windows\system32\nvapi64.dll
2011-09-22 22:41 . 2010-12-28 18:52 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-09-22 22:41 . 2010-12-28 18:52 13200704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-09-22 22:41 . 2010-11-09 10:17 10406208 ----a-w- c:\windows\system32\nvcpl.dll
2011-09-22 22:41 . 2010-11-09 10:17 5067584 ----a-w- c:\windows\system32\nvsvc64.dll
2011-09-22 22:41 . 2010-11-09 10:17 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2011-09-22 22:41 . 2010-11-09 10:17 222528 ----a-w- c:\windows\system32\nvmctray.dll
2011-09-22 22:41 . 2010-11-09 10:17 1640768 ----a-w- c:\windows\system32\nvvsvc.exe
2011-09-22 22:41 . 2010-11-09 10:17 137536 ----a-w- c:\windows\system32\nvshext.dll
2011-09-22 10:29 . 2011-09-22 10:29 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-02-10 13:01 . 2011-02-10 13:01 76464 ----a-w- c:\program files (x86)\fraps64.dat
2011-02-10 13:01 . 2011-02-10 13:01 253104 ----a-w- c:\program files (x86)\fraps32.dll
2011-02-10 13:01 . 2011-02-10 13:01 198832 ----a-w- c:\program files (x86)\fraps64.dll
2011-02-10 13:01 . 2011-02-10 13:01 2514096 ----a-w- c:\program files (x86)\fraps.exe
2011-02-10 12:59 . 2011-02-10 12:59 163840 ----a-w- c:\program files (x86)\frapslcd.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Facebook Update"="c:\users\Start\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-09-16 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2011-02-08 63360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-10-10 117248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 136176]
R3 cpuz133;cpuz133;c:\users\ADMINI~1\AppData\Local\Temp\cpuz133\cpuz133_x64.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SaiH0BAC;SaiH0BAC;c:\windows\system32\DRIVERS\SaiH0BAC.sys [x]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [x]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [x]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [x]
R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-09-22 2253120]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-09-22 381248]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3229880689-1388367887-1604517294-1003Core.job
- c:\users\Start\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-16 13:32]
.
2011-11-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3229880689-1388367887-1604517294-1003UA.job
- c:\users\Start\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-16 13:32]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 14:07]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 14:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2009-09-07 8151040]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2007-07-12 347648]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2007-07-12 194560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
IE: Free YouTube to MP3 Converter - c:\users\Start\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\mletpd8x.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-KiesHelper - d:\programme\Kies\KiesHelper.exe
Wow6432Node-HKCU-Run-KiesTrayAgent - d:\programme\Kies\KiesTrayAgent.exe
Wow6432Node-HKCU-Run-RGSC - d:\spiele\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKCU-Run-KiesPDLR - d:\programme\Kies\External\FirmwareUpdate\KiesPDLR.exe
AddRemove-767CAPTAIN - d:\spiele\Microsoft Flight Simulator X\csX767_uninstall.exe
AddRemove-ATTC BU-Trainingssoftware_is1 - d:\programme\ATTC\unins000.exe
AddRemove-Audacity 1.3 Beta (Unicode)_is1 - d:\programme\Audacity 1.3 Beta (Unicode)\unins000.exe
AddRemove-DBS Walk And Follow - d:\spiele\Microsoft Flight Simulator X\Dbs.Waf.Uninstal.exe
AddRemove-Easy Video Joiner_is1 - d:\programme\Easy Video Joiner\unins000.exe
AddRemove-FormatFactory - d:\programme\FormatFactory\uninst.exe
AddRemove-Fraps - c:\program files (x86)\uninstall.exe
AddRemove-Ground Environment X Europe - d:\spiele\UninstalEurope.exe
AddRemove-IrfanView - d:\programme\IrfanView\iv_uninstall.exe
AddRemove-LAME for Audacity_is1 - d:\programme\Audacity 1.3 Beta (Unicode)\LameCodecforAudacity\unins000.exe
AddRemove-MyTraffic X 5.2 Simmarket Edition - c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\MyTrafficX52uninst.exe
AddRemove-Neat Image_is1 - d:\programme\Neat Image\unins000.exe
AddRemove-Project Reality SP Map Pack_is1 - d:\spiele\EA GAMES\Battlefield 2\unins001.exe
AddRemove-Project Reality_is1 - d:\spiele\EA GAMES\Battlefield 2\unins000.exe
AddRemove-uTorrent - d:\programme\uTorrent.exe
AddRemove-Aerosoft Mega Airport Munich v 1.00 for FSX - d:\spiele\Microsoft Flight Simulator X\Mega Airport Munich 1_00 for FSX Uninstal.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3229880689-1388367887-1604517294-1003\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:51,d2,9e,74,f0,93,c3,d7,b8,26,6d,b1,13,42,1e,f7,52,64,d5,4e,21,
1b,89,17,61,9a,4e,c0,04,0e,3f,a6,58,75,38,b5,a1,30,57,15,d4,46,90,d1,c9,ba,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS Xonar D1 Audio\Customapp\ASUSAUDIOCENTER.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-07 21:10:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-11-07 20:10
.
Vor Suchlauf: 9 Verzeichnis(se), 21.680.459.776 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 21.381.914.624 Bytes frei
.
- - End Of File - - E829CE36D40FB6E29140C0CBD9D06A69
|
|
08.11.2011, 09:03
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter Folder::
c:\programdata\lE10500MfDmN10500
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.11.2011, 11:20
| #11 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung!Code:
ATTFilter ComboFix 11-11-08.01 - Start 08.11.2011 10:26:21.2.6 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.4093.2668 [GMT 1:00]
ausgeführt von:: c:\users\Start\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Start\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\lE10500MfDmN10500
c:\programdata\lE10500MfDmN10500\lE10500MfDmN10500
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-10-08 bis 2011-11-08 ))))))))))))))))))))))))))))))
.
.
2011-11-08 09:56 . 2011-11-08 09:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-08 09:56 . 2011-11-08 09:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-08 09:10 . 2011-11-08 10:00 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFE54F21-1559-416A-9FA7-B11904862483}\offreg.dll
2011-11-07 13:14 . 2011-11-07 13:14 -------- d-----w- C:\_OTL
2011-11-07 12:10 . 2011-11-07 12:10 -------- d-----w- c:\program files (x86)\ESET
2011-11-06 09:47 . 2011-11-06 09:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-05 23:00 . 2011-11-05 23:00 -------- d-----w- c:\users\Start\AppData\Roaming\Malwarebytes
2011-11-05 23:00 . 2011-11-05 23:00 -------- d-----w- c:\programdata\Malwarebytes
2011-11-05 23:00 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-04 10:25 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFE54F21-1559-416A-9FA7-B11904862483}\mpengine.dll
2011-10-11 14:33 . 2011-10-11 14:34 -------- d-----w- c:\users\Start\AppData\Roaming\SkyTestFQ1
2011-10-11 14:32 . 2011-10-11 14:34 -------- d-----w- c:\program files (x86)\ToPilotsFQ
2011-10-11 14:32 . 2011-10-11 14:32 -------- d-----w- c:\windows\ToPilots FQ Software
2011-10-09 13:40 . 2011-10-09 13:40 -------- d-----w- c:\users\Start\AppData\Roaming\dvdcss
2011-10-09 13:36 . 2011-10-09 13:36 -------- d-----w- c:\users\Start\AppData\Roaming\Canneverbe Limited
2011-10-09 13:36 . 2011-10-09 13:36 -------- d-----w- c:\programdata\Canneverbe Limited
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-09 18:54 . 2011-05-15 18:38 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-09 18:54 . 2011-01-04 11:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-09 18:50 . 2011-01-04 11:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-01 10:35 . 2011-01-04 11:18 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-22 22:41 . 2011-10-01 09:03 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-09-22 22:41 . 2011-10-01 09:02 7580992 ----a-w- c:\windows\system32\nvcuda.dll
2011-09-22 22:41 . 2011-10-01 09:02 68928 ----a-w- c:\windows\system32\OpenCL.dll
2011-09-22 22:41 . 2011-10-01 09:02 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-09-22 22:41 . 2011-10-01 09:02 5576000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-09-22 22:41 . 2011-10-01 09:02 2542912 ----a-w- c:\windows\system32\nvcuvid.dll
2011-09-22 22:41 . 2011-10-01 09:02 24796480 ----a-w- c:\windows\system32\nvcompiler.dll
2011-09-22 22:41 . 2011-10-01 09:02 24743232 ----a-w- c:\windows\system32\nvoglv64.dll
2011-09-22 22:41 . 2011-10-01 09:02 2401088 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-09-22 22:41 . 2011-10-01 09:02 2232128 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-09-22 22:41 . 2011-10-01 09:02 2099520 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-09-22 22:41 . 2011-10-01 09:02 18870592 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-09-22 22:41 . 2011-10-01 09:02 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-09-22 22:41 . 2011-10-01 09:02 15688512 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-09-22 22:41 . 2011-10-01 09:02 1533248 ----a-w- c:\windows\system32\nvdispco64.dll
2011-09-22 22:41 . 2011-10-01 09:02 1454400 ----a-w- c:\windows\system32\nvgenco64.dll
2011-09-22 22:41 . 2011-10-01 09:02 12961088 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-09-22 22:41 . 2010-12-28 18:52 8930624 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-09-22 22:41 . 2010-12-28 18:52 7183168 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-09-22 22:41 . 2010-12-28 18:52 2808640 ----a-w- c:\windows\system32\nvapi64.dll
2011-09-22 22:41 . 2010-12-28 18:52 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-09-22 22:41 . 2010-12-28 18:52 13200704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-09-22 22:41 . 2010-11-09 10:17 10406208 ----a-w- c:\windows\system32\nvcpl.dll
2011-09-22 22:41 . 2010-11-09 10:17 5067584 ----a-w- c:\windows\system32\nvsvc64.dll
2011-09-22 22:41 . 2010-11-09 10:17 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2011-09-22 22:41 . 2010-11-09 10:17 222528 ----a-w- c:\windows\system32\nvmctray.dll
2011-09-22 22:41 . 2010-11-09 10:17 1640768 ----a-w- c:\windows\system32\nvvsvc.exe
2011-09-22 22:41 . 2010-11-09 10:17 137536 ----a-w- c:\windows\system32\nvshext.dll
2011-09-22 10:29 . 2011-09-22 10:29 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-02-10 13:01 . 2011-02-10 13:01 76464 ----a-w- c:\program files (x86)\fraps64.dat
2011-02-10 13:01 . 2011-02-10 13:01 253104 ----a-w- c:\program files (x86)\fraps32.dll
2011-02-10 13:01 . 2011-02-10 13:01 198832 ----a-w- c:\program files (x86)\fraps64.dll
2011-02-10 13:01 . 2011-02-10 13:01 2514096 ----a-w- c:\program files (x86)\fraps.exe
2011-02-10 12:59 . 2011-02-10 12:59 163840 ----a-w- c:\program files (x86)\frapslcd.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-07_19.52.49 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-07 19:50 . 2011-11-07 19:50 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2011-11-08 09:57 . 2011-11-08 09:57 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2011-11-07 19:51 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-08 09:58 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-08 09:58 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-07 19:51 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-08 09:58 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-07 19:51 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-21 07:20 . 2011-11-08 09:09 42924 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-11-07 15:33 50594 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-08 09:09 50594 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-11-05 22:37 . 2011-11-07 19:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-05 22:37 . 2011-11-08 09:58 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-05 22:37 . 2011-11-07 19:51 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-05 22:37 . 2011-11-08 09:58 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-08-21 07:12 . 2011-11-07 19:51 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-21 07:12 . 2011-11-08 09:58 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-04 09:38 . 2011-11-08 09:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-01-04 09:38 . 2011-11-07 19:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-08-21 07:12 . 2011-11-07 19:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-21 07:12 . 2011-11-08 09:16 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-04 10:04 . 2011-11-08 09:09 7146 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3229880689-1388367887-1604517294-1003_UserData.bin
- 2011-01-04 10:04 . 2011-11-07 15:33 7146 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3229880689-1388367887-1604517294-1003_UserData.bin
- 2011-11-07 19:51 . 2011-11-07 19:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-08 09:58 . 2011-11-08 09:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-08 09:58 . 2011-11-08 09:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-07 19:51 . 2011-11-07 19:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-11-07 15:36 661370 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-08 09:12 661370 c:\windows\system32\perfh009.dat
+ 2009-07-14 17:58 . 2011-11-08 09:12 707752 c:\windows\system32\perfh007.dat
- 2009-07-14 17:58 . 2011-11-07 15:36 707752 c:\windows\system32\perfh007.dat
- 2009-07-14 02:36 . 2011-11-07 15:36 125302 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-11-08 09:12 125302 c:\windows\system32\perfc009.dat
+ 2009-07-14 17:58 . 2011-11-08 09:12 153086 c:\windows\system32\perfc007.dat
- 2009-07-14 17:58 . 2011-11-07 15:36 153086 c:\windows\system32\perfc007.dat
- 2009-07-14 05:01 . 2011-11-07 19:50 456840 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-11-08 09:57 456840 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 02:34 . 2011-11-08 09:18 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-11-07 15:42 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2011-02-08 22:14 . 2011-11-07 19:50 39381969 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3229880689-1388367887-1604517294-1003-12288.dat
+ 2011-02-08 22:14 . 2011-11-08 09:57 39381969 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3229880689-1388367887-1604517294-1003-12288.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Facebook Update"="c:\users\Start\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-09-16 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2011-02-08 63360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-10-10 117248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 136176]
R3 cpuz133;cpuz133;c:\users\ADMINI~1\AppData\Local\Temp\cpuz133\cpuz133_x64.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SaiH0BAC;SaiH0BAC;c:\windows\system32\DRIVERS\SaiH0BAC.sys [x]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [x]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [x]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [x]
R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-09-22 2253120]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-09-22 381248]
S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3229880689-1388367887-1604517294-1003Core.job
- c:\users\Start\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-16 13:32]
.
2011-11-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3229880689-1388367887-1604517294-1003UA.job
- c:\users\Start\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-16 13:32]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 14:07]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 14:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2009-09-07 8151040]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2007-07-12 347648]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2007-07-12 194560]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
IE: Free YouTube to MP3 Converter - c:\users\Start\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Start\AppData\Roaming\Mozilla\Firefox\Profiles\mletpd8x.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3229880689-1388367887-1604517294-1003\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:51,d2,9e,74,f0,93,c3,d7,b8,26,6d,b1,13,42,1e,f7,52,64,d5,4e,21,
1b,89,17,61,9a,4e,c0,04,0e,3f,a6,58,75,38,b5,a1,30,57,15,d4,46,90,d1,c9,ba,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS Xonar D1 Audio\Customapp\ASUSAUDIOCENTER.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-08 11:15:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-11-08 10:15
ComboFix2.txt 2011-11-07 20:11
.
Vor Suchlauf: 12 Verzeichnis(se), 21.063.327.744 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 20.956.012.544 Bytes frei
.
- - End Of File - - 675B2457885BCB422487932FE1374BC8
|
|
08.11.2011, 11:47
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.11.2011, 13:01
| #13 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung!Code:
ATTFilter aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-08 12:55:06
-----------------------------
12:55:06.619 OS Version: Windows x64 6.1.7600
12:55:06.619 Number of processors: 6 586 0xA00
12:55:06.620 ComputerName: START-PC UserName: Start
12:55:06.774 Initialize success
12:56:50.884 AVAST engine defs: 11110800
12:57:38.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:57:38.095 Disk 0 Vendor: OCZ-VERTEX2 1.25 Size: 57241MB BusType: 11
12:57:45.179 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
12:57:45.180 Disk 1 Vendor: WDC_WD10EVDS-63U8B0 01.00A01 Size: 57241MB BusType: 11
12:57:47.181 Disk 0 MBR read successfully
12:57:47.182 Disk 0 MBR scan
12:57:47.186 Disk 0 Windows 7 default MBR code
12:57:47.187 Disk 0 MBR hidden
12:57:47.190 Service scanning
12:57:48.650 Modules scanning
12:57:48.652 Disk 0 trace - called modules:
12:57:48.655 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8004ae3334]<<
12:57:48.657 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049f9790]
12:57:48.661 3 CLASSPNP.SYS[fffff88000c4143f] -> nt!IofCallDriver -> [0xfffffa800490a940]
12:57:48.664 5 ACPI.sys[fffff88000fae781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80049c7680]
12:57:48.667 \Driver\atapi[0xfffffa80043b5ae0] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8004ae3334
12:57:48.804 AVAST engine scan C:\Windows
12:57:51.064 AVAST engine scan C:\Windows\system32
12:58:40.476 AVAST engine scan C:\Windows\system32\drivers
12:58:44.037 AVAST engine scan C:\Users\Start
12:59:37.995 AVAST engine scan C:\ProgramData
12:59:47.645 Scan finished successfully
13:00:40.612 Disk 0 MBR has been saved successfully to "C:\Users\Start\Desktop\MBR.dat"
13:00:40.616 The log file has been saved successfully to "C:\Users\Start\Desktop\aswMBR.txt"
|
|
08.11.2011, 14:25
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.11.2011, 16:06
| #15 |
| | Security Sphere 2012 - Immer noch Fehler nach Entfernung! Malwarebytes Log Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8114
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
08.11.2011 16:18:47
mbam-log-2011-11-08 (16-18-47).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Durchsuchte Objekte: 333317
Laufzeit: 11 Minute(n), 24 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 11/08/2011 at 03:26 PM
Application Version : 5.0.1134
Core Rules Database Version : 7910
Trace Rules Database Version: 5722
Scan type : Complete Scan
Total Scan Time : 00:10:48
Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC Off - Administrator
Memory items scanned : 596
Memory threats detected : 0
Registry items scanned : 75592
Registry threats detected : 0
File items scanned : 45111
File threats detected : 528
Adware.Tracking Cookie
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@ad.zanox[2].txt [ /ad.zanox ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@ad2.adfarm1.adition[1].txt [ /ad2.adfarm1.adition ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@adcentriconline[2].txt [ /adcentriconline ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@adfarm1.adition[1].txt [ /adfarm1.adition ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@ads.creative-serving[2].txt [ /ads.creative-serving ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@adx.chip[2].txt [ /adx.chip ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@apmebf[2].txt [ /apmebf ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@atdmt.combing[2].txt [ /atdmt.combing ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@atwola[1].txt [ /atwola ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@bs.serving-sys[1].txt [ /bs.serving-sys ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@content.yieldmanager[1].txt [ /content.yieldmanager ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@content.yieldmanager[3].txt [ /content.yieldmanager ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@ehg-systemax.hitbox[1].txt [ /ehg-systemax.hitbox ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@ero-advertising[1].txt [ /ero-advertising ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@fastclick[1].txt [ /fastclick ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@hitbox[2].txt [ /hitbox ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@imrworldwide[2].txt [ /imrworldwide ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@mediaplex[2].txt [ /mediaplex ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@microsoftinternetexplorer.112.2o7[1].txt [ /microsoftinternetexplorer.112.2o7 ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@msnportal.112.2o7[1].txt [ /msnportal.112.2o7 ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@partypoker[2].txt [ /partypoker ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@serving-sys[1].txt [ /serving-sys ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@smartadserver[1].txt [ /smartadserver ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@statcounter[2].txt [ /statcounter ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@tracking.quisma[2].txt [ /tracking.quisma ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@tradedoubler[2].txt [ /tradedoubler ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@view.advert-layer[1].txt [ /view.advert-layer ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@www.zanox-affiliate[2].txt [ /www.zanox-affiliate ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\start@zedo[2].txt [ /zedo ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\FP0TJKSN.txt [ /doubleclick.net ]
C:\Users\Start\AppData\Roaming\Microsoft\Windows\Cookies\Y16A7I96.txt [ /atdmt.com ]
C:\USERS\START\AppData\Roaming\Microsoft\Windows\Cookies\Low\start@doubleclick[1].txt [ Cookie:start@doubleclick.net/ ]
C:\USERS\START\AppData\Roaming\Microsoft\Windows\Cookies\Low\start@atdmt[1].txt [ Cookie:start@atdmt.com/ ]
C:\USERS\START\AppData\Roaming\Microsoft\Windows\Cookies\Low\start@ad.yieldmanager[2].txt [ Cookie:start@ad.yieldmanager.com/ ]
C:\USERS\START\AppData\Roaming\Microsoft\Windows\Cookies\Low\start@fastclick[1].txt [ Cookie:start@fastclick.net/ ]
C:\USERS\START\AppData\Roaming\Microsoft\Windows\Cookies\Low\start@msnportal.112.2o7[1].txt [ Cookie:start@msnportal.112.2o7.net/ ]
C:\USERS\START\Cookies\start@atwola[1].txt [ Cookie:start@atwola.com/ ]
C:\USERS\START\Cookies\FP0TJKSN.txt [ Cookie:start@doubleclick.net/ ]
C:\USERS\START\Cookies\start@ad2.adfarm1.adition[1].txt [ Cookie:start@ad2.adfarm1.adition.com/ ]
C:\USERS\START\Cookies\Y16A7I96.txt [ Cookie:start@atdmt.com/ ]
C:\USERS\START\Cookies\start@partypoker[2].txt [ Cookie:start@partypoker.com/ ]
C:\USERS\START\Cookies\start@ad.yieldmanager[1].txt [ Cookie:start@ad.yieldmanager.com/ ]
C:\USERS\START\Cookies\start@content.yieldmanager[1].txt [ Cookie:start@content.yieldmanager.com/ ]
C:\USERS\START\Cookies\start@bs.serving-sys[1].txt [ Cookie:start@bs.serving-sys.com/ ]
C:\USERS\START\Cookies\start@tracking.quisma[2].txt [ Cookie:start@tracking.quisma.com/ ]
C:\USERS\START\Cookies\start@adcentriconline[2].txt [ Cookie:start@adcentriconline.com/ ]
C:\USERS\START\Cookies\start@statcounter[2].txt [ Cookie:start@statcounter.com/ ]
C:\USERS\START\Cookies\start@zedo[2].txt [ Cookie:start@zedo.com/ ]
C:\USERS\START\Cookies\start@fastclick[1].txt [ Cookie:start@fastclick.net/ ]
C:\USERS\START\Cookies\start@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:start@microsoftinternetexplorer.112.2o7.net/ ]
C:\USERS\START\Cookies\start@content.yieldmanager[3].txt [ Cookie:start@content.yieldmanager.com/ak/ ]
C:\USERS\START\Cookies\start@serving-sys[1].txt [ Cookie:start@serving-sys.com/ ]
C:\USERS\START\Cookies\start@tradedoubler[2].txt [ Cookie:start@tradedoubler.com/ ]
C:\USERS\START\Cookies\start@imrworldwide[2].txt [ Cookie:start@imrworldwide.com/cgi-bin ]
C:\USERS\START\Cookies\start@adfarm1.adition[1].txt [ Cookie:start@adfarm1.adition.com/ ]
C:\USERS\START\Cookies\start@hitbox[2].txt [ Cookie:start@hitbox.com/ ]
C:\USERS\START\Cookies\start@msnportal.112.2o7[1].txt [ Cookie:start@msnportal.112.2o7.net/ ]
C:\USERS\START\Cookies\start@smartadserver[1].txt [ Cookie:start@smartadserver.com/ ]
C:\USERS\START\Cookies\start@mediaplex[2].txt [ Cookie:start@mediaplex.com/ ]
media.rockstargames.com [ C:\USERS\START\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WLPF9PHL ]
C:\USERS\START\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\START@INTERCLICK[1].TXT [ /INTERCLICK ]
.mediaplex.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.daimlerag.122.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.frontlinegmbh.122.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adsrv1.admediate.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.eaeacom.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjloahdzcbo.stats.esomniture.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.sevenoneintermedia.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.wolterskluwer.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
perfectadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tns-counter.ru [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyqkczoap.stats.esomniture.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.avianex.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.velmedia.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.count.spring.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
beacons.hottraffic.nl [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.bluemango.solution.weborama.fr [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.bluemango.solution.weborama.fr [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.bluemango.solution.weborama.fr [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.bluemango.solution.weborama.fr [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
auth.breakmedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.audiag.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.adreactor.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.anrtx.tacoda.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.gmeurope.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adsystem.tech-review.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.click.payperclick.co.il [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mtvn.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.microsoftgamestudio.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.autoscout24.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.traffective-tracking.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.picadmedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tripod.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tripod.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
spielerstats.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkyukdzkep.stats.esomniture.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.admediate.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserv.quality-channel.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.gametracker.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.viewablemedia.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserv.quality-channel.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.ignitad.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ox-d.yadomedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.122.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.ps3m.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.viacom.adbureau.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.shop2market.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
delivery.way2traffic.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
delivery.way2traffic.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
delivery.way2traffic.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
delivery.way2traffic.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.philips.112.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
stats.bmw.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.kantarmedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.kantarmedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
sso-de.bestofmedia.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.ignitad.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserver.ignitad.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ads.motomedia.nl [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
adserv.quality-channel.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
www.warez-bb.org [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.warez-bb.org [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.warez-bb.org [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.warez-bb.org [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
stats.computecmedia.de [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\START\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MLETPD8X.DEFAULT\COOKIES.SQLITE ]
ESET Log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=30681a09a98fe9408f0273733e0b969e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-07 12:43:46
# local_time=2011-11-07 01:43:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775145 100 94 149866 57204891 172385 0
# compatibility_mode=5893 16776573 100 94 4326 72297920 0 0
# compatibility_mode=8192 67108863 100 0 3811 3811 0 0
# scanned=157667
# found=6
# cleaned=0
# scan_time=1756
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\237a7000-3ec41f4d multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\338e794b-1b558cb2 Java/Exploit.Agent.NAO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5b0c76db-5e9c25b2 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3e966d9c multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\14a81db9-35eb6f23 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\352c843c-4bbf82c8 Java/TrojanDownloader.OpenStream.NBL trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=30681a09a98fe9408f0273733e0b969e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-08 03:02:30
# local_time=2011-11-08 04:02:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775145 100 94 14568 57299660 7314 0
# compatibility_mode=5893 16776573 100 94 4311 72392689 0 0
# compatibility_mode=8192 67108863 100 0 98580 98580 0 0
# scanned=153910
# found=6
# cleaned=0
# scan_time=1710
C:\_OTL\MovedFiles\11072011_141437\C_Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\237a7000-3ec41f4d multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\11072011_141437\C_Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\338e794b-1b558cb2 Java/Exploit.Agent.NAO trojan (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\11072011_141437\C_Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5b0c76db-5e9c25b2 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\11072011_141437\C_Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1d4e065f-3e966d9c multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\11072011_141437\C_Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\14a81db9-35eb6f23 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\11072011_141437\C_Users\Start\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\352c843c-4bbf82c8 Java/TrojanDownloader.OpenStream.NBL trojan (unable to clean) 00000000000000000000000000000000 I
Geändert von El_Chuck (08.11.2011 um 16:19 Uhr) |
|
| Themen zu Security Sphere 2012 - Immer noch Fehler nach Entfernung! |
| anleitung, antivir, datei, datenträgerverwaltung, einstellungen, entfernen, fehler, festplatte, firefox, frage, geblockt, gen, logfiles, malwarebytes, neue, neustart, nicht mehr, nicht öffnen, ordner, reboot, schnell, screenshot, security, sphere, super, system, taskleiste, verschwunden, virus, warum, zugänglich, öffnen |
Linear-Darstellung
