| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Security Shield trojan.lameshieldWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.07.2012, 15:07
| #16 |
 |  Security Shield trojan.lameshield Das hat mir OTL nach dem Reboot ausgespuckt: Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot... |
|
12.07.2012, 15:19
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Security Shield trojan.lameshield Mehr nicht?
__________________
__________________ |
|
12.07.2012, 15:24
| #18 |
| | Security Shield trojan.lameshield Ne, leider nicht.
__________________OTL hat gearbeitet, dann Reboot und nach dem Reboot die kurze Ausgabe. |
|
12.07.2012, 17:58
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Shield trojan.lameshield Wiederhol den FIx bitte
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
12.07.2012, 18:09
| #20 |
| | Security Shield trojan.lameshield jetzt sah das schon anders aus: Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-291211984-3754166486-409696321-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry value HKEY_USERS\S-1-5-21-291211984-3754166486-409696321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
File C:\Program Files\prg_e.cfg not found.
Unable to delete ADS C:\Windows:AE5BD8534628327D .
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: MD
->Temp folder emptied: 9150 bytes
->Temporary Internet Files folder emptied: 366301 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 72521912 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes
User: Public
->Temp folder emptied: 0 bytes
User: SYSTEM
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10408 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 70,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: MD
->Flash cache emptied: 0 bytes
User: Public
User: SYSTEM
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.54.0 log created on 07122012_190452
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
12.07.2012, 19:31
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Shield trojan.lameshield Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> Security Shield trojan.lameshield |
|
12.07.2012, 21:10
| #22 |
| | Security Shield trojan.lameshieldCode:
ATTFilter 21:59:39.0498 3604 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
21:59:39.0591 3604 ============================================================
21:59:39.0591 3604 Current date / time: 2012/07/12 21:59:39.0591
21:59:39.0591 3604 SystemInfo:
21:59:39.0591 3604
21:59:39.0591 3604 OS Version: 6.1.7601 ServicePack: 1.0
21:59:39.0591 3604 Product type: Workstation
21:59:39.0591 3604 ComputerName: MD-LAPTOP
21:59:39.0592 3604 UserName: MD
21:59:39.0592 3604 Windows directory: C:\Windows
21:59:39.0592 3604 System windows directory: C:\Windows
21:59:39.0592 3604 Processor architecture: Intel x86
21:59:39.0592 3604 Number of processors: 2
21:59:39.0592 3604 Page size: 0x1000
21:59:39.0592 3604 Boot type: Normal boot
21:59:39.0592 3604 ============================================================
21:59:41.0343 3604 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:59:41.0349 3604 ============================================================
21:59:41.0349 3604 \Device\Harddisk0\DR0:
21:59:41.0349 3604 MBR partitions:
21:59:41.0349 3604 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
21:59:41.0349 3604 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BB4E000
21:59:41.0349 3604 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BE3C800, BlocksNum 0x1388970
21:59:41.0349 3604 ============================================================
21:59:41.0394 3604 C: <-> \Device\Harddisk0\DR0\Partition1
21:59:41.0418 3604 S: <-> \Device\Harddisk0\DR0\Partition0
21:59:41.0474 3604 Q: <-> \Device\Harddisk0\DR0\Partition2
21:59:41.0474 3604 ============================================================
21:59:41.0475 3604 Initialize success
21:59:41.0475 3604 ============================================================
22:02:45.0090 3724 ============================================================
22:02:45.0090 3724 Scan started
22:02:45.0090 3724 Mode: Manual; SigCheck; TDLFS;
22:02:45.0090 3724 ============================================================
22:02:46.0681 3724 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:02:46.0884 3724 1394ohci - ok
22:02:46.0993 3724 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:02:47.0040 3724 ACPI - ok
22:02:47.0071 3724 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:02:47.0118 3724 AcpiPmi - ok
22:02:47.0149 3724 AcPrfMgrSvc - ok
22:02:47.0165 3724 AcSvc - ok
22:02:47.0321 3724 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:02:47.0352 3724 AdobeFlashPlayerUpdateSvc - ok
22:02:47.0461 3724 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:02:47.0539 3724 adp94xx - ok
22:02:47.0602 3724 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:02:47.0649 3724 adpahci - ok
22:02:47.0695 3724 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:02:47.0742 3724 adpu320 - ok
22:02:47.0789 3724 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:02:47.0836 3724 AeLookupSvc - ok
22:02:48.0101 3724 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:02:48.0148 3724 AFD - ok
22:02:48.0195 3724 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:02:48.0241 3724 agp440 - ok
22:02:48.0288 3724 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:02:48.0335 3724 aic78xx - ok
22:02:48.0397 3724 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:02:48.0444 3724 ALG - ok
22:02:48.0460 3724 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:02:48.0491 3724 aliide - ok
22:02:48.0538 3724 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:02:48.0585 3724 amdagp - ok
22:02:48.0600 3724 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:02:48.0631 3724 amdide - ok
22:02:48.0647 3724 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:02:48.0694 3724 AmdK8 - ok
22:02:48.0709 3724 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:02:48.0741 3724 AmdPPM - ok
22:02:48.0803 3724 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
22:02:48.0850 3724 amdsata - ok
22:02:48.0912 3724 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:02:48.0959 3724 amdsbs - ok
22:02:48.0990 3724 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
22:02:49.0021 3724 amdxata - ok
22:02:49.0146 3724 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:02:49.0193 3724 AntiVirSchedulerService - ok
22:02:49.0255 3724 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:02:49.0287 3724 AntiVirService - ok
22:02:49.0349 3724 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:02:49.0411 3724 AppID - ok
22:02:49.0474 3724 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:02:49.0536 3724 AppIDSvc - ok
22:02:49.0583 3724 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:02:49.0645 3724 Appinfo - ok
22:02:49.0723 3724 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:02:49.0755 3724 AppMgmt - ok
22:02:49.0817 3724 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:02:49.0864 3724 arc - ok
22:02:49.0895 3724 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:02:49.0942 3724 arcsas - ok
22:02:50.0035 3724 ASLDRService (ad699abb71c9bea804d5fe02cc32708b) C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe
22:02:50.0051 3724 ASLDRService ( UnsignedFile.Multi.Generic ) - warning
22:02:50.0051 3724 ASLDRService - detected UnsignedFile.Multi.Generic (1)
22:02:50.0082 3724 ASMMAP (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys
22:02:50.0223 3724 ASMMAP - ok
22:02:50.0457 3724 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:02:50.0519 3724 aspnet_state - ok
22:02:50.0566 3724 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:02:50.0628 3724 AsyncMac - ok
22:02:50.0675 3724 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:02:50.0706 3724 atapi - ok
22:02:50.0769 3724 ATKGFNEXSrv (f62ca1881d057a98ab8c4ba2020d3d0e) C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe
22:02:50.0769 3724 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
22:02:50.0769 3724 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
22:02:50.0862 3724 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:02:50.0940 3724 AudioEndpointBuilder - ok
22:02:50.0956 3724 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:02:51.0034 3724 Audiosrv - ok
22:02:51.0112 3724 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
22:02:51.0143 3724 avgntflt - ok
22:02:51.0205 3724 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
22:02:51.0237 3724 avipbb - ok
22:02:51.0268 3724 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
22:02:51.0299 3724 avkmgr - ok
22:02:51.0361 3724 avmaudio (728c4a6c722535c16d1025f51aa31e22) C:\Windows\system32\DRIVERS\avmaudio.sys
22:02:51.0408 3724 avmaudio - ok
22:02:51.0455 3724 AVMUNET (980f4c96c73c61cc6fcf657a721b35d3) C:\Windows\system32\DRIVERS\avmunet.sys
22:02:51.0502 3724 AVMUNET - ok
22:02:51.0564 3724 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:02:51.0611 3724 AxInstSV - ok
22:02:51.0705 3724 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:02:51.0767 3724 b06bdrv - ok
22:02:51.0845 3724 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:02:51.0892 3724 b57nd60x - ok
22:02:51.0985 3724 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:02:52.0032 3724 BDESVC - ok
22:02:52.0063 3724 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:02:52.0126 3724 Beep - ok
22:02:52.0235 3724 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:02:52.0313 3724 BFE - ok
22:02:52.0422 3724 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
22:02:52.0516 3724 BITS - ok
22:02:52.0531 3724 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:02:52.0563 3724 blbdrive - ok
22:02:52.0594 3724 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:02:52.0641 3724 bowser - ok
22:02:52.0656 3724 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:02:52.0703 3724 BrFiltLo - ok
22:02:52.0719 3724 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:02:52.0750 3724 BrFiltUp - ok
22:02:52.0812 3724 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:02:52.0875 3724 Browser - ok
22:02:52.0906 3724 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:02:52.0968 3724 Brserid - ok
22:02:52.0999 3724 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:02:53.0031 3724 BrSerWdm - ok
22:02:53.0077 3724 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:02:53.0109 3724 BrUsbMdm - ok
22:02:53.0140 3724 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:02:53.0171 3724 BrUsbSer - ok
22:02:53.0218 3724 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:02:53.0249 3724 BTHMODEM - ok
22:02:53.0327 3724 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:02:53.0405 3724 bthserv - ok
22:02:53.0530 3724 catchme - ok
22:02:53.0592 3724 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:02:53.0670 3724 cdfs - ok
22:02:53.0748 3724 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:02:53.0779 3724 cdrom - ok
22:02:53.0873 3724 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:02:53.0935 3724 CertPropSvc - ok
22:02:53.0951 3724 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:02:53.0998 3724 circlass - ok
22:02:54.0076 3724 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:02:54.0123 3724 CLFS - ok
22:02:54.0232 3724 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:02:54.0279 3724 clr_optimization_v2.0.50727_32 - ok
22:02:54.0357 3724 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:02:54.0403 3724 clr_optimization_v4.0.30319_32 - ok
22:02:54.0435 3724 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:02:54.0481 3724 CmBatt - ok
22:02:54.0513 3724 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:02:54.0544 3724 cmdide - ok
22:02:54.0606 3724 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:02:54.0684 3724 CNG - ok
22:02:54.0715 3724 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:02:54.0747 3724 Compbatt - ok
22:02:54.0778 3724 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:02:54.0809 3724 CompositeBus - ok
22:02:54.0840 3724 COMSysApp - ok
22:02:54.0871 3724 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:02:54.0903 3724 crcdisk - ok
22:02:54.0981 3724 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:02:55.0027 3724 CryptSvc - ok
22:02:55.0137 3724 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:02:55.0183 3724 CSC - ok
22:02:55.0308 3724 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:02:55.0371 3724 CscService - ok
22:02:55.0417 3724 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys
22:02:55.0480 3724 CVirtA - ok
22:02:55.0558 3724 CVPND - ok
22:02:55.0636 3724 CVPNDRVA (1c2999966f0f36aa44eaecbee70cf770) C:\Windows\system32\Drivers\CVPNDRVA.sys
22:02:55.0667 3724 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
22:02:55.0683 3724 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
22:02:55.0761 3724 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:02:55.0839 3724 DcomLaunch - ok
22:02:55.0917 3724 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:02:55.0995 3724 defragsvc - ok
22:02:56.0041 3724 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:02:56.0104 3724 DfsC - ok
22:02:56.0119 3724 DgiVecp - ok
22:02:56.0197 3724 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:02:56.0275 3724 Dhcp - ok
22:02:56.0307 3724 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:02:56.0385 3724 discache - ok
22:02:56.0416 3724 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:02:56.0463 3724 Disk - ok
22:02:56.0509 3724 DNE (7b4fdfbe97c047175e613aa96f3de987) C:\Windows\system32\DRIVERS\dne2000.sys
22:02:56.0541 3724 DNE - ok
22:02:56.0587 3724 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:02:56.0634 3724 Dnscache - ok
22:02:56.0681 3724 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:02:56.0759 3724 dot3svc - ok
22:02:56.0837 3724 dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
22:02:56.0884 3724 dot4 - ok
22:02:56.0962 3724 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
22:02:56.0993 3724 Dot4Print - ok
22:02:57.0024 3724 Dot4Scan (9f7de667c505ce6500becdd8e11644d7) C:\Windows\system32\DRIVERS\Dot4Scan.sys
22:02:57.0055 3724 Dot4Scan - ok
22:02:57.0087 3724 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
22:02:57.0118 3724 dot4usb - ok
22:02:57.0165 3724 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:02:57.0243 3724 DPS - ok
22:02:57.0289 3724 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:02:57.0321 3724 drmkaud - ok
22:02:57.0414 3724 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:02:57.0477 3724 DXGKrnl - ok
22:02:57.0539 3724 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:02:57.0617 3724 EapHost - ok
22:02:57.0976 3724 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:02:58.0147 3724 ebdrv - ok
22:02:58.0397 3724 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:02:58.0444 3724 EFS - ok
22:02:58.0600 3724 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:02:58.0647 3724 ehRecvr - ok
22:02:58.0709 3724 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:02:58.0740 3724 ehSched - ok
22:02:58.0896 3724 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:02:58.0943 3724 elxstor - ok
22:02:58.0990 3724 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:02:59.0021 3724 ErrDev - ok
22:02:59.0099 3724 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:02:59.0193 3724 EventSystem - ok
22:02:59.0224 3724 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:02:59.0302 3724 exfat - ok
22:02:59.0333 3724 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:02:59.0411 3724 fastfat - ok
22:02:59.0505 3724 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:02:59.0583 3724 Fax - ok
22:02:59.0598 3724 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:02:59.0629 3724 fdc - ok
22:02:59.0645 3724 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:02:59.0723 3724 fdPHost - ok
22:02:59.0739 3724 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:02:59.0801 3724 FDResPub - ok
22:02:59.0832 3724 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:02:59.0863 3724 FileInfo - ok
22:02:59.0895 3724 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:02:59.0957 3724 Filetrace - ok
22:03:00.0129 3724 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:03:00.0191 3724 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
22:03:00.0191 3724 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
22:03:00.0222 3724 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:03:00.0253 3724 flpydisk - ok
22:03:00.0316 3724 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:03:00.0347 3724 FltMgr - ok
22:03:00.0487 3724 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
22:03:00.0581 3724 FontCache - ok
22:03:00.0706 3724 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:03:00.0737 3724 FontCache3.0.0.0 - ok
22:03:00.0784 3724 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:03:00.0831 3724 FsDepends - ok
22:03:00.0862 3724 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:03:00.0909 3724 Fs_Rec - ok
22:03:00.0971 3724 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:03:01.0018 3724 fvevol - ok
22:03:01.0049 3724 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:03:01.0096 3724 gagp30kx - ok
22:03:01.0143 3724 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:03:01.0174 3724 GEARAspiWDM - ok
22:03:01.0283 3724 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:03:01.0361 3724 gpsvc - ok
22:03:01.0392 3724 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:03:01.0439 3724 hcw85cir - ok
22:03:01.0517 3724 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:03:01.0564 3724 HdAudAddService - ok
22:03:01.0642 3724 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:03:01.0689 3724 HDAudBus - ok
22:03:01.0704 3724 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:03:01.0735 3724 HidBatt - ok
22:03:01.0782 3724 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:03:01.0829 3724 HidBth - ok
22:03:01.0860 3724 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:03:01.0907 3724 HidIr - ok
22:03:01.0938 3724 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
22:03:02.0016 3724 hidserv - ok
22:03:02.0063 3724 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:03:02.0094 3724 HidUsb - ok
22:03:02.0141 3724 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:03:02.0203 3724 hkmsvc - ok
22:03:02.0266 3724 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:03:02.0328 3724 HomeGroupListener - ok
22:03:02.0391 3724 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:03:02.0422 3724 HomeGroupProvider - ok
22:03:02.0484 3724 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:03:02.0531 3724 HpSAMD - ok
22:03:02.0656 3724 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:03:02.0734 3724 HTTP - ok
22:03:02.0796 3724 hwdatacard - ok
22:03:02.0843 3724 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:03:02.0874 3724 hwpolicy - ok
22:03:02.0952 3724 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:03:02.0983 3724 i8042prt - ok
22:03:03.0077 3724 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:03:03.0139 3724 iaStorV - ok
22:03:03.0202 3724 IBMPMDRV (4a8ab38fdf3649c1fe3e9d16bf79927d) C:\Windows\system32\DRIVERS\ibmpmdrv.sys
22:03:03.0233 3724 IBMPMDRV - ok
22:03:03.0264 3724 IBMPMSVC (bb5cb196922c9f57598ae98c036de246) C:\Windows\system32\ibmpmsvc.exe
22:03:03.0280 3724 IBMPMSVC - ok
22:03:03.0561 3724 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:03:03.0623 3724 idsvc - ok
22:03:04.0965 3724 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
22:03:05.0479 3724 igfx - ok
22:03:05.0760 3724 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:03:05.0791 3724 iirsp - ok
22:03:05.0963 3724 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:03:06.0057 3724 IKEEXT - ok
22:03:06.0103 3724 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:03:06.0135 3724 intelide - ok
22:03:06.0166 3724 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:03:06.0213 3724 intelppm - ok
22:03:06.0275 3724 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:03:06.0337 3724 IPBusEnum - ok
22:03:06.0369 3724 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:03:06.0431 3724 IpFilterDriver - ok
22:03:06.0493 3724 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:03:06.0587 3724 iphlpsvc - ok
22:03:06.0618 3724 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:03:06.0665 3724 IPMIDRV - ok
22:03:06.0681 3724 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:03:06.0759 3724 IPNAT - ok
22:03:06.0993 3724 iPod Service (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
22:03:07.0071 3724 iPod Service - ok
22:03:07.0086 3724 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:03:07.0133 3724 IRENUM - ok
22:03:07.0180 3724 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:03:07.0211 3724 isapnp - ok
22:03:07.0273 3724 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:03:07.0336 3724 iScsiPrt - ok
22:03:07.0383 3724 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:03:07.0414 3724 kbdclass - ok
22:03:07.0461 3724 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:03:07.0507 3724 kbdhid - ok
22:03:07.0539 3724 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:03:07.0585 3724 KeyIso - ok
22:03:07.0632 3724 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:03:07.0679 3724 KSecDD - ok
22:03:07.0726 3724 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:03:07.0773 3724 KSecPkg - ok
22:03:07.0819 3724 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:03:07.0913 3724 KtmRm - ok
22:03:07.0960 3724 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
22:03:08.0038 3724 LanmanServer - ok
22:03:08.0085 3724 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:03:08.0163 3724 LanmanWorkstation - ok
22:03:08.0334 3724 LFKAS (270723e97ca3b26b82700dc02f082c9f) C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe
22:03:08.0350 3724 LFKAS ( UnsignedFile.Multi.Generic ) - warning
22:03:08.0350 3724 LFKAS - detected UnsignedFile.Multi.Generic (1)
22:03:08.0397 3724 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:03:08.0475 3724 lltdio - ok
22:03:08.0537 3724 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:03:08.0615 3724 lltdsvc - ok
22:03:08.0631 3724 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:03:08.0709 3724 lmhosts - ok
22:03:08.0755 3724 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:03:08.0787 3724 LSI_FC - ok
22:03:08.0818 3724 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:03:08.0849 3724 LSI_SAS - ok
22:03:08.0880 3724 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:03:08.0911 3724 LSI_SAS2 - ok
22:03:08.0943 3724 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:03:08.0989 3724 LSI_SCSI - ok
22:03:09.0036 3724 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:03:09.0099 3724 luafv - ok
22:03:09.0223 3724 lxdoCATSCustConnectService (51836e7cf12f174527a6a6232ff3767b) C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdoserv.exe
22:03:09.0270 3724 lxdoCATSCustConnectService - ok
22:03:09.0286 3724 lxdo_device - ok
22:03:09.0364 3724 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:03:09.0395 3724 MBAMProtector - ok
22:03:09.0551 3724 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:03:09.0598 3724 MBAMService - ok
22:03:09.0660 3724 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:03:09.0707 3724 Mcx2Svc - ok
22:03:09.0738 3724 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:03:09.0785 3724 megasas - ok
22:03:09.0832 3724 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:03:09.0879 3724 MegaSR - ok
22:03:09.0910 3724 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:03:09.0988 3724 MMCSS - ok
22:03:09.0988 3724 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:03:10.0066 3724 Modem - ok
22:03:10.0097 3724 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:03:10.0144 3724 monitor - ok
22:03:10.0175 3724 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
22:03:10.0206 3724 mouclass - ok
22:03:10.0222 3724 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:03:10.0253 3724 mouhid - ok
22:03:10.0300 3724 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:03:10.0347 3724 mountmgr - ok
22:03:10.0471 3724 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:03:10.0503 3724 MozillaMaintenance - ok
22:03:10.0549 3724 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:03:10.0581 3724 mpio - ok
22:03:10.0612 3724 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:03:10.0674 3724 mpsdrv - ok
22:03:10.0752 3724 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:03:10.0846 3724 MpsSvc - ok
22:03:10.0893 3724 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:03:10.0939 3724 MRxDAV - ok
22:03:10.0986 3724 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:11.0033 3724 mrxsmb - ok
22:03:11.0080 3724 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:11.0127 3724 mrxsmb10 - ok
22:03:11.0158 3724 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:03:11.0189 3724 mrxsmb20 - ok
22:03:11.0236 3724 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:03:11.0267 3724 msahci - ok
22:03:11.0314 3724 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:03:11.0361 3724 msdsm - ok
22:03:11.0423 3724 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:03:11.0470 3724 MSDTC - ok
22:03:11.0532 3724 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:03:11.0595 3724 Msfs - ok
22:03:11.0626 3724 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:03:11.0688 3724 mshidkmdf - ok
22:03:11.0735 3724 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:03:11.0766 3724 msisadrv - ok
22:03:11.0813 3724 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:03:11.0891 3724 MSiSCSI - ok
22:03:11.0907 3724 msiserver - ok
22:03:11.0938 3724 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:03:12.0016 3724 MSKSSRV - ok
22:03:12.0031 3724 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:03:12.0094 3724 MSPCLOCK - ok
22:03:12.0109 3724 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:03:12.0187 3724 MSPQM - ok
22:03:12.0219 3724 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:03:12.0265 3724 MsRPC - ok
22:03:12.0297 3724 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:03:12.0328 3724 mssmbios - ok
22:03:12.0343 3724 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:03:12.0421 3724 MSTEE - ok
22:03:12.0437 3724 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:03:12.0468 3724 MTConfig - ok
22:03:12.0515 3724 MTsensor32 (648cbe572ffe978bf33b8d7e60ac441b) C:\Windows\system32\DRIVERS\PuAcpi32.sys
22:03:12.0546 3724 MTsensor32 - ok
22:03:12.0562 3724 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:03:12.0593 3724 Mup - ok
22:03:12.0671 3724 MySQL - ok
22:03:12.0733 3724 NalServ (ac051ef24e4bfd010651dbc83e4e9470) C:\Windows\system32\nalserv.exe
22:03:12.0749 3724 NalServ ( UnsignedFile.Multi.Generic ) - warning
22:03:12.0749 3724 NalServ - detected UnsignedFile.Multi.Generic (1)
22:03:12.0827 3724 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:03:12.0905 3724 napagent - ok
22:03:12.0983 3724 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:03:13.0030 3724 NativeWifiP - ok
22:03:13.0123 3724 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:03:13.0186 3724 NDIS - ok
22:03:13.0233 3724 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:03:13.0295 3724 NdisCap - ok
22:03:13.0326 3724 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:03:13.0389 3724 NdisTapi - ok
22:03:13.0435 3724 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:03:13.0498 3724 Ndisuio - ok
22:03:13.0545 3724 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:03:13.0623 3724 NdisWan - ok
22:03:13.0654 3724 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:03:13.0716 3724 NDProxy - ok
22:03:13.0732 3724 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:03:13.0810 3724 NetBIOS - ok
22:03:13.0857 3724 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:03:13.0919 3724 NetBT - ok
22:03:13.0966 3724 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:03:13.0997 3724 Netlogon - ok
22:03:14.0091 3724 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:03:14.0169 3724 Netman - ok
22:03:14.0325 3724 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:03:14.0371 3724 NetMsmqActivator - ok
22:03:14.0371 3724 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:03:14.0403 3724 NetPipeActivator - ok
22:03:14.0449 3724 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:03:14.0543 3724 netprofm - ok
22:03:14.0543 3724 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:03:14.0574 3724 NetTcpActivator - ok
22:03:14.0590 3724 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:03:14.0621 3724 NetTcpPortSharing - ok
22:03:15.0541 3724 NETw5s32 (ef51b405ad8acaae6f0231290d20f516) C:\Windows\system32\DRIVERS\NETw5s32.sys
22:03:15.0838 3724 NETw5s32 - ok
22:03:16.0696 3724 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:03:16.0914 3724 netw5v32 - ok
22:03:17.0211 3724 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:03:17.0257 3724 nfrd960 - ok
22:03:17.0320 3724 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:03:17.0398 3724 NlaSvc - ok
22:03:17.0476 3724 nlsX86cc (b1ef4686961986dffb7fe8f18e6fcb5b) C:\Windows\system32\nlssrv32.exe
22:03:17.0507 3724 nlsX86cc - ok
22:03:17.0523 3724 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:03:17.0601 3724 Npfs - ok
22:03:17.0647 3724 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:03:17.0710 3724 nsi - ok
22:03:17.0725 3724 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:03:17.0803 3724 nsiproxy - ok
22:03:17.0928 3724 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:03:18.0037 3724 Ntfs - ok
22:03:18.0240 3724 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:03:18.0318 3724 Null - ok
22:03:18.0381 3724 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:03:18.0427 3724 nvraid - ok
22:03:18.0490 3724 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:03:18.0552 3724 nvstor - ok
22:03:18.0583 3724 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:03:18.0630 3724 nv_agp - ok
22:03:18.0817 3724 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:03:18.0880 3724 odserv - ok
22:03:18.0927 3724 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:03:18.0973 3724 ohci1394 - ok
22:03:19.0036 3724 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:03:19.0067 3724 ose - ok
22:03:19.0161 3724 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:03:19.0207 3724 p2pimsvc - ok
22:03:19.0285 3724 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:03:19.0332 3724 p2psvc - ok
22:03:19.0395 3724 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:03:19.0426 3724 Parport - ok
22:03:19.0488 3724 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:03:19.0519 3724 partmgr - ok
22:03:19.0535 3724 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:03:19.0566 3724 Parvdm - ok
22:03:19.0597 3724 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:03:19.0644 3724 PcaSvc - ok
22:03:19.0707 3724 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:03:19.0753 3724 pccsmcfd - ok
22:03:19.0769 3724 PcdrNdisuio - ok
22:03:19.0831 3724 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:03:19.0878 3724 pci - ok
22:03:19.0894 3724 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:03:19.0925 3724 pciide - ok
22:03:19.0972 3724 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:03:20.0019 3724 pcmcia - ok
22:03:20.0034 3724 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:03:20.0081 3724 pcw - ok
22:03:20.0159 3724 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:03:20.0253 3724 PEAUTH - ok
22:03:20.0377 3724 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:03:20.0455 3724 PeerDistSvc - ok
22:03:20.0752 3724 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:03:20.0877 3724 pla - ok
22:03:21.0111 3724 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:03:21.0173 3724 PlugPlay - ok
22:03:21.0220 3724 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:03:21.0251 3724 PNRPAutoReg - ok
22:03:21.0298 3724 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:03:21.0345 3724 PNRPsvc - ok
22:03:21.0407 3724 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:03:21.0485 3724 PolicyAgent - ok
22:03:21.0547 3724 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:03:21.0610 3724 Power - ok
22:03:21.0641 3724 Power Manager DBC Service - ok
22:03:21.0719 3724 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:03:21.0797 3724 PptpMiniport - ok
22:03:21.0844 3724 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:03:21.0875 3724 Processor - ok
22:03:21.0953 3724 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
22:03:22.0000 3724 ProfSvc - ok
22:03:22.0031 3724 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:03:22.0062 3724 ProtectedStorage - ok
22:03:22.0125 3724 psadd (72de205cd4006dc45b1401859c506679) C:\Windows\system32\DRIVERS\psadd.sys
22:03:22.0140 3724 psadd - ok
22:03:22.0203 3724 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:03:22.0281 3724 Psched - ok
22:03:22.0515 3724 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:03:22.0608 3724 ql2300 - ok
22:03:22.0873 3724 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:03:22.0920 3724 ql40xx - ok
22:03:22.0983 3724 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:03:23.0045 3724 QWAVE - ok
22:03:23.0061 3724 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:03:23.0092 3724 QWAVEdrv - ok
22:03:23.0170 3724 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
22:03:23.0201 3724 RapiMgr - ok
22:03:23.0217 3724 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:03:23.0295 3724 RasAcd - ok
22:03:23.0341 3724 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:03:23.0404 3724 RasAgileVpn - ok
22:03:23.0451 3724 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:03:23.0529 3724 RasAuto - ok
22:03:23.0544 3724 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:03:23.0607 3724 Rasl2tp - ok
22:03:23.0685 3724 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:03:23.0763 3724 RasMan - ok
22:03:23.0809 3724 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:03:23.0872 3724 RasPppoe - ok
22:03:23.0903 3724 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:03:23.0965 3724 RasSstp - ok
22:03:23.0997 3724 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:03:24.0075 3724 rdbss - ok
22:03:24.0090 3724 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:03:24.0121 3724 rdpbus - ok
22:03:24.0168 3724 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:03:24.0246 3724 RDPCDD - ok
22:03:24.0277 3724 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:03:24.0340 3724 RDPDR - ok
22:03:24.0371 3724 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:03:24.0449 3724 RDPENCDD - ok
22:03:24.0465 3724 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:03:24.0527 3724 RDPREFMP - ok
22:03:24.0605 3724 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:03:24.0667 3724 RDPWD - ok
22:03:24.0745 3724 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:03:24.0777 3724 rdyboost - ok
22:03:24.0839 3724 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:03:24.0901 3724 RemoteAccess - ok
22:03:24.0964 3724 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:03:25.0042 3724 RemoteRegistry - ok
22:03:25.0104 3724 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\Windows\system32\DRIVERS\rimmptsk.sys
22:03:25.0135 3724 rimmptsk - ok
22:03:25.0167 3724 rimsptsk (d0a35b7670aa3558eaab483f64446496) C:\Windows\system32\DRIVERS\rimsptsk.sys
22:03:25.0213 3724 rimsptsk - ok
22:03:25.0245 3724 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys
22:03:25.0276 3724 rismxdp - ok
22:03:25.0323 3724 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:03:25.0401 3724 RpcEptMapper - ok
22:03:25.0448 3724 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:03:25.0479 3724 RpcLocator - ok
22:03:25.0572 3724 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:03:25.0650 3724 RpcSs - ok
22:03:25.0713 3724 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:03:25.0775 3724 rspndr - ok
22:03:25.0838 3724 RTL8167 (aa9c3881a74a6d66a2ad869b03e8d3f5) C:\Windows\system32\DRIVERS\Rt86win7.sys
22:03:25.0869 3724 RTL8167 - ok
22:03:25.0900 3724 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:03:25.0947 3724 s3cap - ok
22:03:25.0962 3724 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:03:26.0009 3724 SamSs - ok
22:03:26.0134 3724 SbieDrv (2b12749cc05f32d217735770d2eeabe3) C:\Program Files\Sandboxie\SbieDrv.sys
22:03:26.0165 3724 SbieDrv - ok
22:03:26.0228 3724 SbieSvc (226d6068a955635259a3abef2f13827c) C:\Program Files\Sandboxie\SbieSvc.exe
22:03:26.0259 3724 SbieSvc - ok
22:03:26.0321 3724 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:03:26.0368 3724 sbp2port - ok
22:03:26.0430 3724 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:03:26.0508 3724 SCardSvr - ok
22:03:26.0555 3724 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:03:26.0618 3724 scfilter - ok
22:03:26.0758 3724 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:03:26.0852 3724 Schedule - ok
22:03:26.0914 3724 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:03:26.0976 3724 SCPolicySvc - ok
22:03:27.0054 3724 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\Windows\system32\drivers\ScreamingBAudio.sys
22:03:27.0070 3724 SCREAMINGBDRIVER - ok
22:03:27.0148 3724 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:03:27.0179 3724 sdbus - ok
22:03:27.0242 3724 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:03:27.0288 3724 SDRSVC - ok
22:03:27.0351 3724 Secdrv (65ee3435a9131bee1608f99f16c48e08) C:\Windows\system32\drivers\SECDRV.SYS
22:03:27.0351 3724 Secdrv ( UnsignedFile.Multi.Generic ) - warning
22:03:27.0351 3724 Secdrv - detected UnsignedFile.Multi.Generic (1)
22:03:27.0398 3724 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:03:27.0476 3724 seclogon - ok
22:03:27.0491 3724 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
22:03:27.0569 3724 SENS - ok
22:03:27.0616 3724 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:03:27.0663 3724 SensrSvc - ok
22:03:27.0710 3724 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:03:27.0741 3724 Serenum - ok
22:03:27.0788 3724 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:03:27.0819 3724 Serial - ok
22:03:27.0881 3724 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:03:27.0912 3724 sermouse - ok
22:03:28.0178 3724 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:03:28.0224 3724 ServiceLayer - ok
22:03:28.0302 3724 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:03:28.0380 3724 SessionEnv - ok
22:03:28.0412 3724 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:03:28.0458 3724 sffdisk - ok
22:03:28.0474 3724 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:03:28.0505 3724 sffp_mmc - ok
22:03:28.0536 3724 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:03:28.0583 3724 sffp_sd - ok
22:03:28.0630 3724 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:03:28.0661 3724 sfloppy - ok
22:03:28.0755 3724 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:03:28.0833 3724 SharedAccess - ok
22:03:28.0895 3724 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:03:28.0973 3724 ShellHWDetection - ok
22:03:29.0036 3724 Shockprf (fc0127343bd1ce1986ba12f8937f1057) C:\Windows\system32\DRIVERS\Apsx86.sys
22:03:29.0067 3724 Shockprf - ok
22:03:29.0114 3724 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:03:29.0145 3724 sisagp - ok
22:03:29.0176 3724 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:03:29.0223 3724 SiSRaid2 - ok
22:03:29.0254 3724 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:03:29.0301 3724 SiSRaid4 - ok
22:03:29.0394 3724 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
22:03:29.0426 3724 SkypeUpdate - ok
22:03:29.0472 3724 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:03:29.0550 3724 Smb - ok
22:03:29.0628 3724 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:03:29.0660 3724 SNMPTRAP - ok
22:03:29.0675 3724 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:03:29.0706 3724 spldr - ok
22:03:29.0800 3724 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:03:29.0878 3724 Spooler - ok
22:03:30.0377 3724 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:03:30.0549 3724 sppsvc - ok
22:03:30.0767 3724 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:03:30.0845 3724 sppuinotify - ok
22:03:30.0954 3724 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:03:31.0001 3724 srv - ok
22:03:31.0064 3724 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:03:31.0110 3724 srv2 - ok
22:03:31.0188 3724 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:03:31.0235 3724 SrvHsfHDA - ok
22:03:31.0407 3724 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:03:31.0485 3724 SrvHsfV92 - ok
22:03:31.0547 3724 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:03:31.0625 3724 SrvHsfWinac - ok
22:03:31.0656 3724 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:03:31.0688 3724 srvnet - ok
22:03:31.0750 3724 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:03:31.0828 3724 SSDPSRV - ok
22:03:31.0890 3724 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:03:31.0906 3724 ssmdrv - ok
22:03:31.0953 3724 SSPORT (ef3458337d7341a05169cefc73709264) C:\Windows\system32\Drivers\SSPORT.sys
22:03:31.0968 3724 SSPORT ( UnsignedFile.Multi.Generic ) - warning
22:03:31.0968 3724 SSPORT - detected UnsignedFile.Multi.Generic (1)
22:03:32.0000 3724 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:03:32.0078 3724 SstpSvc - ok
22:03:32.0109 3724 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:03:32.0140 3724 stexstor - ok
22:03:32.0234 3724 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:03:32.0296 3724 StiSvc - ok
22:03:32.0343 3724 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:03:32.0374 3724 storflt - ok
22:03:32.0405 3724 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:03:32.0452 3724 StorSvc - ok
22:03:32.0514 3724 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:03:32.0561 3724 storvsc - ok
22:03:32.0577 3724 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:03:32.0608 3724 swenum - ok
22:03:32.0655 3724 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:03:32.0748 3724 swprv - ok
22:03:32.0826 3724 SynTP (d7dc30b8b41e7a913c3fccc0631e72ec) C:\Windows\system32\DRIVERS\SynTP.sys
22:03:32.0858 3724 SynTP - ok
22:03:32.0998 3724 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:03:33.0076 3724 SysMain - ok
22:03:33.0123 3724 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:03:33.0170 3724 TabletInputService - ok
22:03:33.0248 3724 tap0901 (5c7c939bbd03784fe58c80578d065cc9) C:\Windows\system32\DRIVERS\tap0901.sys
22:03:33.0279 3724 tap0901 - ok
22:03:33.0341 3724 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:03:33.0419 3724 TapiSrv - ok
22:03:33.0482 3724 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:03:33.0560 3724 TBS - ok
22:03:33.0778 3724 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:03:33.0872 3724 Tcpip - ok
22:03:34.0308 3724 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:03:34.0386 3724 TCPIP6 - ok
22:03:34.0527 3724 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:03:34.0589 3724 tcpipreg - ok
22:03:34.0636 3724 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:03:34.0683 3724 TDPIPE - ok
22:03:34.0730 3724 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:03:34.0761 3724 TDTCP - ok
22:03:34.0823 3724 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:03:34.0886 3724 tdx - ok
22:03:35.0026 3724 TeamViewer5 (d91cb8a2d5a0f60e53eb7a0b0bc2e0f0) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
22:03:35.0057 3724 TeamViewer5 - ok
22:03:35.0588 3724 TeamViewer7 (3e85bdd019e3db66d9471dad7fd6a887) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
22:03:35.0775 3724 TeamViewer7 - ok
22:03:36.0040 3724 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:03:36.0071 3724 TermDD - ok
22:03:36.0134 3724 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:03:36.0227 3724 TermService - ok
22:03:36.0258 3724 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:03:36.0305 3724 Themes - ok
22:03:36.0555 3724 ThinkVantage Registry Monitor Service (8eb3b845a55afe8367c99c1b499340df) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
22:03:36.0602 3724 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - warning
22:03:36.0602 3724 ThinkVantage Registry Monitor Service - detected UnsignedFile.Multi.Generic (1)
22:03:36.0648 3724 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:03:36.0726 3724 THREADORDER - ok
22:03:36.0789 3724 TPDIGIMN (521866a3ce5a1a69b4b4a87bdb52be26) C:\Windows\system32\DRIVERS\ApsHM86.sys
22:03:36.0820 3724 TPDIGIMN - ok
22:03:36.0851 3724 TPHDEXLGSVC (199d786169749b1a5473b7799c1e6a89) C:\Windows\system32\TPHDEXLG.exe
22:03:36.0898 3724 TPHDEXLGSVC - ok
22:03:37.0038 3724 TPHKSVC (3c6a42a8494d74f44f048bb7f9f2db44) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
22:03:37.0070 3724 TPHKSVC - ok
22:03:37.0132 3724 TPPWRIF (6412da2b8d079d821b99b3a99943284e) C:\Windows\system32\drivers\Tppwr32v.sys
22:03:37.0148 3724 TPPWRIF - ok
22:03:37.0226 3724 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:03:37.0304 3724 TrkWks - ok
22:03:37.0382 3724 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:03:37.0460 3724 TrustedInstaller - ok
22:03:37.0475 3724 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:03:37.0538 3724 tssecsrv - ok
22:03:37.0584 3724 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:03:37.0631 3724 TsUsbFlt - ok
22:03:37.0694 3724 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:03:37.0756 3724 tunnel - ok
22:03:37.0959 3724 TVT Backup Service (4e7f50b0735a9cc58997cc2c92e41290) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
22:03:38.0052 3724 TVT Backup Service - ok
22:03:38.0302 3724 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:03:38.0349 3724 uagp35 - ok
22:03:38.0396 3724 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:03:38.0474 3724 udfs - ok
22:03:38.0536 3724 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:03:38.0583 3724 UI0Detect - ok
22:03:38.0630 3724 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:03:38.0661 3724 uliagpkx - ok
22:03:38.0723 3724 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
22:03:38.0770 3724 umbus - ok
22:03:38.0801 3724 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:03:38.0832 3724 UmPass - ok
22:03:38.0895 3724 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:03:38.0942 3724 UmRdpService - ok
22:03:38.0988 3724 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:03:39.0066 3724 upnphost - ok
22:03:39.0113 3724 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
22:03:39.0144 3724 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
22:03:39.0144 3724 USBAAPL - detected UnsignedFile.Multi.Generic (1)
22:03:39.0207 3724 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
22:03:39.0238 3724 usbccgp - ok
22:03:39.0300 3724 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:03:39.0332 3724 usbcir - ok
22:03:39.0378 3724 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
22:03:39.0410 3724 usbehci - ok
22:03:39.0456 3724 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
22:03:39.0503 3724 usbhub - ok
22:03:39.0534 3724 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
22:03:39.0566 3724 usbohci - ok
22:03:39.0612 3724 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:03:39.0659 3724 usbprint - ok
22:03:39.0690 3724 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:03:39.0737 3724 usbscan - ok
22:03:39.0800 3724 usbser (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:03:39.0862 3724 usbser - ok
22:03:39.0893 3724 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:03:39.0940 3724 USBSTOR - ok
22:03:39.0971 3724 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
22:03:40.0002 3724 usbuhci - ok
22:03:40.0080 3724 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:03:40.0112 3724 usbvideo - ok
22:03:40.0174 3724 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:03:40.0236 3724 UxSms - ok
22:03:40.0283 3724 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:03:40.0314 3724 VaultSvc - ok
22:03:40.0330 3724 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:03:40.0361 3724 vdrvroot - ok
22:03:40.0439 3724 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:03:40.0533 3724 vds - ok
22:03:40.0580 3724 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:03:40.0626 3724 vga - ok
22:03:40.0658 3724 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:03:40.0736 3724 VgaSave - ok
22:03:40.0767 3724 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:03:40.0829 3724 vhdmp - ok
22:03:40.0876 3724 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:03:40.0923 3724 viaagp - ok
22:03:40.0954 3724 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:03:40.0985 3724 ViaC7 - ok
22:03:41.0001 3724 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:03:41.0032 3724 viaide - ok
22:03:41.0110 3724 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:03:41.0141 3724 vmbus - ok
22:03:41.0188 3724 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:03:41.0219 3724 VMBusHID - ok
22:03:41.0250 3724 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:03:41.0282 3724 volmgr - ok
22:03:41.0328 3724 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:03:41.0375 3724 volmgrx - ok
22:03:41.0406 3724 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:03:41.0453 3724 volsnap - ok
22:03:41.0500 3724 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:03:41.0547 3724 vsmraid - ok
22:03:41.0672 3724 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:03:41.0781 3724 VSS - ok
22:03:41.0796 3724 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:03:41.0843 3724 vwifibus - ok
22:03:41.0874 3724 VWiFiFlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
22:03:41.0906 3724 VWiFiFlt - ok
22:03:41.0937 3724 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
22:03:41.0984 3724 vwifimp - ok
22:03:42.0046 3724 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:03:42.0124 3724 W32Time - ok
22:03:42.0155 3724 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:03:42.0186 3724 WacomPen - ok
22:03:42.0327 3724 wampapache (07d0af06a5d2445c9dc5824c567e36b8) C:\Program Files\wamp\bin\apache\apache2.2.6\bin\httpd.exe
22:03:42.0327 3724 wampapache ( UnsignedFile.Multi.Generic ) - warning
22:03:42.0327 3724 wampapache - detected UnsignedFile.Multi.Generic (1)
22:03:42.0920 3724 wampmysqld (c1b9406af5192ec704ab2e49cd25765c) C:\Program Files\wamp\bin\mysql\mysql4.1.21\bin\mysqld-nt.exe
22:03:43.0091 3724 wampmysqld ( UnsignedFile.Multi.Generic ) - warning
22:03:43.0091 3724 wampmysqld - detected UnsignedFile.Multi.Generic (1)
22:03:43.0341 3724 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:03:43.0419 3724 WANARP - ok
22:03:43.0419 3724 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:03:43.0481 3724 Wanarpv6 - ok
22:03:43.0731 3724 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
22:03:43.0840 3724 WatAdminSvc - ok
22:03:44.0214 3724 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:03:44.0308 3724 wbengine - ok
22:03:44.0370 3724 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:03:44.0417 3724 WbioSrvc - ok
22:03:44.0495 3724 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
22:03:44.0542 3724 WcesComm - ok
22:03:44.0620 3724 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:03:44.0667 3724 wcncsvc - ok
22:03:44.0698 3724 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:03:44.0729 3724 WcsPlugInService - ok
22:03:44.0807 3724 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:03:44.0838 3724 Wd - ok
22:03:44.0885 3724 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:03:44.0948 3724 Wdf01000 - ok
22:03:44.0979 3724 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:03:45.0026 3724 WdiServiceHost - ok
22:03:45.0026 3724 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:03:45.0072 3724 WdiSystemHost - ok
22:03:45.0119 3724 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:03:45.0182 3724 WebClient - ok
22:03:45.0213 3724 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:03:45.0291 3724 Wecsvc - ok
22:03:45.0322 3724 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:03:45.0384 3724 wercplsupport - ok
22:03:45.0431 3724 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:03:45.0509 3724 WerSvc - ok
22:03:45.0540 3724 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:03:45.0603 3724 WfpLwf - ok
22:03:45.0634 3724 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:03:45.0665 3724 WIMMount - ok
22:03:45.0852 3724 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:03:45.0930 3724 WinDefend - ok
22:03:45.0962 3724 WinHttpAutoProxySvc - ok
22:03:46.0040 3724 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:03:46.0118 3724 Winmgmt - ok
22:03:46.0336 3724 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:03:46.0430 3724 WinRM - ok
22:03:46.0554 3724 WINUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\drivers\WinUSB.SYS
22:03:46.0586 3724 WINUSB - ok
22:03:46.0742 3724 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:03:46.0851 3724 Wlansvc - ok
22:03:46.0882 3724 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:03:46.0929 3724 WmiAcpi - ok
22:03:47.0022 3724 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:03:47.0069 3724 wmiApSrv - ok
22:03:47.0350 3724 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:03:47.0428 3724 WMPNetworkSvc - ok
22:03:47.0662 3724 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:03:47.0709 3724 WPCSvc - ok
22:03:47.0756 3724 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:03:47.0802 3724 WPDBusEnum - ok
22:03:47.0880 3724 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:03:47.0958 3724 ws2ifsl - ok
22:03:47.0974 3724 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
22:03:48.0036 3724 wscsvc - ok
22:03:48.0068 3724 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
22:03:48.0114 3724 WSDPrintDevice - ok
22:03:48.0114 3724 WSearch - ok
22:03:48.0395 3724 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:03:48.0520 3724 wuauserv - ok
22:03:48.0785 3724 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:03:48.0848 3724 WudfPf - ok
22:03:48.0910 3724 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:03:48.0988 3724 WUDFRd - ok
22:03:49.0050 3724 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:03:49.0113 3724 wudfsvc - ok
22:03:49.0191 3724 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:03:49.0253 3724 WwanSvc - ok
22:03:49.0347 3724 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:03:49.0955 3724 \Device\Harddisk0\DR0 - ok
22:03:49.0955 3724 Boot (0x1200) (3724ecc985357e45ab76e0d161b5572b) \Device\Harddisk0\DR0\Partition0
22:03:49.0971 3724 \Device\Harddisk0\DR0\Partition0 - ok
22:03:50.0002 3724 Boot (0x1200) (5640f9e5ecfa8ad11008d394c86b5896) \Device\Harddisk0\DR0\Partition1
22:03:50.0002 3724 \Device\Harddisk0\DR0\Partition1 - ok
22:03:50.0033 3724 Boot (0x1200) (73dee7a97ceb97d0be3d2d51a9ceac47) \Device\Harddisk0\DR0\Partition2
22:03:50.0033 3724 \Device\Harddisk0\DR0\Partition2 - ok
22:03:50.0049 3724 ============================================================
22:03:50.0049 3724 Scan finished
22:03:50.0049 3724 ============================================================
22:03:50.0064 3872 Detected object count: 12
22:03:50.0064 3872 Actual detected object count: 12
22:04:37.0738 3872 ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0738 3872 ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0754 3872 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0754 3872 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0754 3872 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0754 3872 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0754 3872 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0754 3872 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0754 3872 LFKAS ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0769 3872 LFKAS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0769 3872 NalServ ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0769 3872 NalServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0769 3872 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0769 3872 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0769 3872 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0769 3872 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0785 3872 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0785 3872 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0785 3872 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0785 3872 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0785 3872 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0785 3872 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:37.0785 3872 wampmysqld ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:37.0800 3872 wampmysqld ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
12.07.2012, 21:45
| #23 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Shield trojan.lameshield Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.07.2012, 22:41
| #24 |
| | Security Shield trojan.lameshield Combofix Logfile: Code:
ATTFilter ComboFix 12-07-12.02 - MD 12.07.2012 23:24:41.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3037.1878 [GMT 2:00]
ausgeführt von:: c:\users\MD\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\5849\AddOnDownloaded\7e36c7b4-f4c8-4324-9887-9cab89169ef6.dll
c:\programdata\PCDr\5849\AddOnDownloaded\96963609-8feb-4f10-b100-425cef18a0db.dll
c:\programdata\PCDr\5849\AddOnDownloaded\97d3cc32-549b-4646-bc59-82ebb82b5d11.dll
c:\programdata\PCDr\5849\AddOnDownloaded\b96355f5-a46b-48d0-a3f2-b41eed57de73.dll
c:\programdata\SPL14AF.tmp
c:\programdata\SPL2946.tmp
c:\programdata\SPL3BAD.tmp
c:\programdata\SPL3F07.tmp
c:\programdata\SPL4687.tmp
c:\programdata\SPL48BF.tmp
c:\programdata\SPL5F15.tmp
c:\programdata\SPL6156.tmp
c:\programdata\SPL66D.tmp
c:\programdata\SPL6F7A.tmp
c:\programdata\SPL7065.tmp
c:\programdata\SPL7FAC.tmp
c:\programdata\SPL83AA.tmp
c:\programdata\SPL858C.tmp
c:\programdata\SPL87C1.tmp
c:\programdata\SPL957D.tmp
c:\programdata\SPL9CDF.tmp
c:\programdata\SPLA1FE.tmp
c:\programdata\SPLB628.tmp
c:\programdata\SPLE1C2.tmp
c:\programdata\SPLEC81.tmp
c:\programdata\SPLF367.tmp
c:\programdata\SPLF74D.tmp
c:\programdata\SPLF981.tmp
c:\users\MD\AppData\Local\assembly\tmp
c:\users\MD\AppData\Local\lame_enc.dll
c:\users\MD\AppData\Local\no23xwrapper.dll
c:\users\MD\AppData\Local\ogg.dll
c:\users\MD\AppData\Local\vorbis.dll
c:\users\MD\AppData\Local\vorbisenc.dll
c:\users\MD\AppData\Local\vorbisfile.dll
c:\users\MD\g2mdlhlpx.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-12 bis 2012-07-12 ))))))))))))))))))))))))))))))
.
.
2012-07-12 21:32 . 2012-07-12 21:32 -------- d-----w- c:\users\MD\AppData\Local\temp
2012-07-12 21:32 . 2012-07-12 21:32 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-12 21:32 . 2012-07-12 21:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-12 21:32 . 2012-07-12 21:32 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-12 21:31 . 2012-07-12 21:31 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C44DFB8-D270-485B-A13E-D79EBC2B9FAC}\offreg.dll
2012-07-12 14:10 . 2012-06-18 01:14 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C44DFB8-D270-485B-A13E-D79EBC2B9FAC}\mpengine.dll
2012-07-12 00:27 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-06-29 11:59 . 2012-06-29 11:59 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-27 15:36 . 2009-08-01 08:10 5120 ------w- c:\windows\system32\drivers\SSPORT.sys
2012-06-27 15:36 . 2009-08-01 08:10 49152 ------w- c:\windows\system32\ssusbpn.dll
2012-06-27 15:36 . 2009-08-01 08:10 57344 ------w- c:\windows\system32\ssdevm.dll
2012-06-27 15:34 . 2012-06-27 15:34 -------- d-----w- c:\windows\Dell
2012-06-27 15:34 . 2009-08-03 04:21 484592 ----a-w- c:\windows\SSndii.exe
2012-06-27 15:34 . 2009-08-03 04:20 44544 ----a-w- c:\windows\system32\msxml4a.dll
2012-06-27 15:34 . 2009-08-03 04:20 38160 ----a-w- c:\windows\system32\msxml2r.dll
2012-06-27 15:34 . 2009-08-03 04:20 21776 ----a-w- c:\windows\system32\msxml2a.dll
2012-06-27 15:34 . 2009-08-03 04:20 701440 ----a-w- c:\windows\system32\msxml2.dll
2012-06-27 15:33 . 2009-08-02 08:32 19968 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sdc1mpc.dll
2012-06-27 15:32 . 2009-08-02 08:32 26624 ----a-w- c:\windows\system32\sdc1ml3.dll
2012-06-27 15:32 . 2009-08-02 08:31 151552 ----a-w- c:\windows\system32\sdc1mci.exe
2012-06-27 15:30 . 2012-06-27 15:30 -------- d-----w- c:\program files\Dell
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-23 14:29 . 2012-06-23 14:29 -------- d-----w- c:\users\MD\AppData\Local\Macromedia
2012-06-21 19:54 . 2012-06-21 19:54 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-21 19:54 . 2012-06-21 19:54 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-21 18:53 . 2012-06-21 18:53 -------- d-----w- c:\program files\MSXML 4.0
2012-06-21 18:49 . 2012-06-21 18:49 -------- d-----w- c:\users\MD\AppData\Local\Nokia
2012-06-21 18:31 . 2012-06-21 18:31 -------- d-----w- c:\programdata\NokiaInstallerCache
2012-06-21 18:24 . 2012-06-21 18:28 -------- d-----w- c:\users\MD\AppData\Roaming\PC Suite
2012-06-21 18:24 . 2012-06-21 18:28 -------- d-----w- c:\users\MD\AppData\Roaming\Nokia
2012-06-21 18:24 . 2012-06-21 18:28 -------- d-----w- c:\programdata\PC Suite
2012-06-21 18:23 . 2012-06-21 18:24 -------- d-----w- c:\program files\DIFX
2012-06-21 18:23 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-06-21 18:23 . 2012-06-21 18:23 -------- d-----w- c:\program files\PC Connectivity Solution
2012-06-21 18:23 . 2012-01-09 15:28 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-06-21 18:22 . 2012-06-21 18:33 -------- d-----w- c:\programdata\Installations
2012-06-21 08:00 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 08:00 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 08:00 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 08:00 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 07:59 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 07:59 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 07:59 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 07:59 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 07:59 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-14 09:30 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 09:29 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-14 09:29 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 09:29 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 09:29 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 09:29 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 09:29 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 09:29 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 09:29 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 11:31 . 2012-04-27 06:40 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 11:31 . 2011-06-27 07:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-29 11:59 . 2010-08-14 11:32 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-31 10:25 . 2009-11-04 21:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-08 14:57 . 2012-03-29 09:28 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-08 14:57 . 2009-11-05 13:48 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-02 17:27 . 2010-08-28 20:32 22792192 ------w- c:\program files\TOP-RECHNUNG 10.exe
2012-06-21 19:54 . 2011-05-27 11:58 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\MD\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\MD\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\MD\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMUSBFernanschluss"="c:\users\MD\AppData\Local\Apps\2.0\V9NOXPVR.A8C\YA85CVZ8.MTM\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [2011-03-02 147456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\LVOSDSVC.exe" [2008-03-24 64368]
"AcWin7Hlpr"="c:\programme\Lenovo\Access Connections\AcWin7Hlpr.exe" [2010-11-02 279912]
"TpShocks"="TpShocks.exe" [2009-07-08 337184]
"Adobe Acrobat Speed Launcher"="c:\programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376]
"Acrobat Assistant 8.0"="c:\programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440]
"PWMTRV"="c:\progra~3\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-09-09 714016]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2007-04-11 26704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-22 1725736]
"LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2008-11-03 339240]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"lxdomon.exe"="c:\program files\Lexmark 9500 Series\lxdomon.exe" [2010-02-10 455336]
"lxdoamon"="c:\program files\Lexmark 9500 Series\lxdoamon.exe" [2010-02-10 25256]
"Lexmark 9500 Series Fax Server"="c:\program files\Lexmark 9500 Series\fm3032.exe" [2010-02-10 311976]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"Dell PanelMgr"="c:\windows\Dell\PanelMgr\SSMMgr.exe" [2009-12-15 632048]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\MD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\MD\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
OpenVPN GUI.lnk - c:\windows\System32\schtasks.exe [2011-5-25 179712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^MD^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
path=c:\users\MD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
backup=c:\windows\pss\EvernoteClipper.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 16:06 421736 ------w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ------w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2011-03-24 11:24 409320 ------w- c:\program files\Sandboxie\SbieCtrl.exe
.
R2 lxdoCATSCustConnectService;lxdoCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdoserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\DRIVERS\avmunet.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\programme\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 LFKAS;Service of LFKA;c:\program files\Lenovo\ATK Hotkey\LFKAS.exe [x]
S2 lxdo_device;lxdo_device;c:\windows\system32\lxdocoms.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NalServ;Nalpeiron Control Service;c:\windows\system32\nalserv.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MTsensor32;PU ACPI UTILITY;c:\windows\system32\DRIVERS\PuAcpi32.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 68709915
*Deregistered* - 68709915
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 11:31]
.
2012-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-291211984-3754166486-409696321-1001Core.job
- c:\users\MD\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29 19:44]
.
2012-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-291211984-3754166486-409696321-1001UA.job
- c:\users\MD\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29 19:44]
.
2012-06-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54]
.
2012-07-12 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = fritz.box;192.168.178.1
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\programme\Microsoft Office\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
DPF: {85C86CCC-2158-4123-9C7D-785190CED875} - hxxps://lernboerse.arbeitsagentur.de/exklusiv/ilias/data/balihob/lm_data/httppath/dpLaunchPlugin.cab
FF - ProfilePath - c:\users\MD\AppData\Roaming\Mozilla\Firefox\Profiles\yqpafj8u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=de&q=
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-CloneCDTray - c:\program files\SlySoft\CloneCD\CloneCDTray.exe
MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-12 23:34:49
ComboFix-quarantined-files.txt 2012-07-12 21:34
ComboFix2.txt 2010-08-02 14:08
.
Vor Suchlauf: 23 Verzeichnis(se), 157.231.550.464 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 157.155.639.296 Bytes frei
.
- - End Of File - - 457FCECB9B065959E1FC0CCAB0C3F963
|
|
13.07.2012, 14:03
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Shield trojan.lameshield Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.07.2012, 11:09
| #26 |
| | Security Shield trojan.lameshield Hallo Arne, Code:
ATTFilter GMER Logfile: Code:
ATTFilter OSAM Logfile: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-16 11:31:05
-----------------------------
11:31:05.107 OS Version: Windows 6.1.7601 Service Pack 1
11:31:05.107 Number of processors: 2 586 0xF0D
11:31:05.107 ComputerName: MD-LAPTOP UserName: MD
11:31:06.776 Initialize success
11:32:18.614 AVAST engine defs: 12071600
11:33:47.721 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:33:47.721 Disk 0 Vendor: WDC_WD2500BEVS-08VAT2 14.01A14 Size: 238475MB BusType: 11
11:33:48.065 Disk 0 MBR read successfully
11:33:48.065 Disk 0 MBR scan
11:33:48.065 Disk 0 Windows 7 default MBR code
11:33:48.143 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
11:33:48.189 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 226972 MB offset 3074048
11:33:48.267 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10001 MB offset 467912704
11:33:48.501 Disk 0 scanning sectors +488395120
11:33:49.047 Disk 0 scanning C:\Windows\system32\drivers
11:35:17.515 Service scanning
11:35:43.973 Modules scanning
11:38:08.975 Disk 0 trace - called modules:
11:38:09.037 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
11:38:09.037 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865ac030]
11:38:09.053 3 CLASSPNP.SYS[8360459e] -> nt!IofCallDriver -> [0x860efc10]
11:38:09.053 5 ACPI.sys[8b2973d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x860e1908]
11:38:10.192 AVAST engine scan C:\Windows
11:39:20.813 AVAST engine scan C:\Windows\system32
11:51:50.706 AVAST engine scan C:\Windows\system32\drivers
11:52:16.587 AVAST engine scan C:\Users\MD
11:59:22.826 AVAST engine scan C:\ProgramData
12:03:58.073 Scan finished successfully
12:04:46.574 Disk 0 MBR has been saved successfully to "C:\Users\MD\Desktop\MBR.dat"
12:04:46.574 The log file has been saved successfully to "C:\Users\MD\Desktop\aswMBR.txt"
|
|
16.07.2012, 16:22
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Shield trojan.lameshield Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.07.2012, 08:43
| #28 |
| | Security Shield trojan.lameshield Prima, dann hier noch die zwei Logs: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.16.10 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 MD :: MD-LAPTOP [Administrator] 16.07.2012 21:28:02 mbam-log-2012-07-16 (21-28-02).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|S:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 424029 Laufzeit: 1 Stunde(n), 29 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/17/2012 at 01:28 AM
Application Version : 5.5.1006
Core Rules Database Version : 8908
Trace Rules Database Version: 6720
Scan type : Complete Scan
Total Scan Time : 01:57:00
Operating System Information
Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 863
Memory threats detected : 0
Registry items scanned : 36295
Registry threats detected : 0
File items scanned : 180301
File threats detected : 280
Adware.Tracking Cookie
C:\Users\MD\AppData\Roaming\Microsoft\Windows\Cookies\694BXAZH.txt [ /mediaplex.com ]
C:\Users\MD\AppData\Roaming\Microsoft\Windows\Cookies\NH96PK5R.txt [ /apmebf.com ]
C:\USERS\MD\Cookies\694BXAZH.txt [ Cookie:md@mediaplex.com/ ]
C:\USERS\MD\Cookies\NH96PK5R.txt [ Cookie:md@apmebf.com/ ]
www.googleadservices.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
butlers.traffective-tracking.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
media1.comnos.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
media1.comnos.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
media1.comnos.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.de.at.atwola.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\SANDBOX\MD\DEFAULTBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
html5media.googlecode.com [ C:\USERS\MD\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ERMUDRRH ]
.doubleclick.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
tracking.mlsat02.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdl4cpdpego.stats.esomniture.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YQPAFJ8U.DEFAULT\COOKIES.SQLITE ]
|
|
17.07.2012, 14:45
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Security Shield trojan.lameshield Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.07.2012, 20:16
| #30 |
| | Security Shield trojan.lameshield Hallo Arne, vielen Dank für deine Tipps! Mein System läuft soweit unauffällig - Probleme kann ich nicht feststellen. Ein ganz aktueller Scan mit Malwarebytes hat folgendes ergeben: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.19.11 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 MD :: MD-LAPTOP [Administrator] 19.07.2012 19:10:58 mbam-log-2012-07-19 (19-10-58).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|S:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 412741 Laufzeit: 1 Stunde(n), 57 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
| Themen zu Security Shield trojan.lameshield |
| alternate, antivir, autorun, avira, bho, dateisystem, excel, firefox, firefox 13.0.1, flash player, format, gfnexsrv.exe, google, heuristiks/extra, heuristiks/shuriken, hängen, intranet, langs, lenovo, lexware, logfile, microsoft office 2003, mozilla, nicht sicher, nodrives, object, openvpn, plug-in, programm, prozesse, registry, rundll, searchscopes, security, server, software, svchost.exe, taskhost.exe, version=1.0, warnung, windows, wuauclt.exe |
Linear-Darstellung
