Trojaner-Board - Facebook-Trojaner: vinamost.net/images/facebook/get.php?image=IMG39348819.JPG

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Facebook-Trojaner: vinamost.net/images/facebook/get.php?image=IMG39348819.JPG (https://www.trojaner-board.de/105156-facebook-trojaner-vinamost-net-images-facebook-get-php-image-img39348819-jpg.html)

Facebook-Trojaner: vinamost.net/images/facebook/get.php?image=IMG39348819.JPG

Hallo alle zusammen,

ich war so dumm und habe auf den Facebook-link (vinamost.net/images/facebook/get.php?image=IMG39348819.JPG) geklickt. Der dann promt an alle meine Kontakte weiter geschickt wurde. Von einem meiner Freunde erhielt ich gleich die Warnung, dass das ein Trojaner ist, aber da war's schon zu spät.

Zuerst hat McAfee mir angezeigt, dass nur Dateien auf dem USB-Stick betroffen sind, woraufhin ich diesen Formatiert habe.
Dann hat mcafee auch Dateien auf meinem Rechner isoliert die ich dann auch entfernt habe.

Eine Woche lang ging alles gut. Seit gestern kann ich nicht mehr in's Internet. Es wird die Fehlermeldung angezeigt: Proxy.Server verweigert die Verbindung. Firefox wurde konfiguriert, einen Proxy-Server zu nutzen, der die Verbindung zurückweist.

Hier im Forum habe ich jetzt schon mehrere Postings von Leidensgenossen gesehen, und hoffe, dass ihr auch mir helfen könnt.

Ich kann mit dem betroffenen Rechner ja nicht mehr in's Internet, da der Trojaner die Proxy-Einstellungen verändert hat.
Also versuche ich von meinem Bürorechner aus via USB-stick meinen Rechner zu retten.

In den ersten Schritten die in diesem Forum beschrieben werden treten aber nun erneut Probleme auf. Ich habe den Defogger auf meinem USB-Stick gespeichert und am betroffenen Rechner auf den Desktop kopiert und alle Anweisungen befolgt.
Als ich das selbe mit dem OTL machen wollte, wird die Datei anscheinend automatisch von meinem USB-stick entfernt, sobalt ich sie auf den Desktop kopieren will und McAfee warnt mich erneut das ein Trojaner isoliert wurde. Ich kann McAfee auch so schnell nicht ausschalten, da ich dazu in's Internet müsste. Und ich zweifle, dass das über einen anderen Rechner funktioniert.

Mache ich was falsch?
Vielen Dank schon mal, ich hoffe ihr bekommt meinen Rechner wieder hin :abklatsch:

LG Die Anne

Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Hallo cosinus.

Ich benutze Mcafee als Virus programm. Ich suche seit einer halben Stunde nach einer Möglichkeit es auszuschalten und finde keine.

Die einzige Option die ich gefunden habe, ist McAfee von meinem Internet-konto aus zu deaktivieren und das hat anscheinend eine Verzögerungszeit von sieben Tagen.

Kennst du eine schnellere Möglichkeit?

LG Anne

Echtzeitscanner deaktivieren. Notfalls McAfee bis wir durch sind deinstallieren.

Hallo Arne,

Hier ist die Log datei von Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8180

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

17.11.2011 13:13:59
mbam-log-2011-11-17 (13-13-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 294479
Laufzeit: 31 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft® Windows Update (Trojan.Agent) -> Value: Microsoft® Windows Update -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\anne-sophie\m-1-52-5782-8752-5245 (Trojan.Agent.Gen) -> No action taken.

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

ESSET wurde eben nach einer stunde abgeprochen und war seit 20 min bei 59% stehen geblieben. Ich bekam die meldung, dass nicht ordnungsgemäß installiert wurde.

Mal sehen ob der zweite versuch klappt. Ist es sehr wichtig, dass die .exe datei auf dem Desktop ist oder kann ich sie auch aus meinem download-ordner heraus starten?

LG Anne

Aha,

ich glaube das problem war, dass Malwarebytes noch offen war.
Mal sehen ob ESET jetzt klappt.

Zitat:

-> No action taken.

Die Funde müssen mit Malwarebytes entfernt waren! Bitte nachholen falls noch nicht getan!
MBAM und ESET NIEMALS gleichzeitig sondern immer nacheinander ausführen!

So jetzt ist auch ESET fertig.

Hier die Log.txt:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 01:23:31
# local_time=2011-11-17 02:23:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 11739 73166047 0 0
# compatibility_mode=8192 67108863 100 0 7508 7508 0 0
# scanned=24
# found=0
# cleaned=0
# scan_time=15
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 02:13:44
# local_time=2011-11-17 03:13:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 11865 73166173 0 0
# compatibility_mode=8192 67108863 100 0 7634 7634 0 0
# scanned=122278
# found=0
# cleaned=0
# scan_time=2901
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 03:06:35
# local_time=2011-11-17 04:06:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 14868 73169176 0 0
# compatibility_mode=8192 67108863 100 0 10637 10637 0 0
# scanned=137151
# found=1
# cleaned=0
# scan_time=3069
D:\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I

schönen Abend

Anne

Also zweiter Versuch mit Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8183

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

17.11.2011 18:48:21
mbam-log-2011-11-17 (18-48-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|H:\|)
Durchsuchte Objekte: 302537
Laufzeit: 29 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft® Windows Update (Trojan.Agent) -> Value: Microsoft® Windows Update -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\anne-sophie\m-1-52-5782-8752-5245 (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Hier der zweite scan von ESET:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 01:23:31
# local_time=2011-11-17 02:23:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 11739 73166047 0 0
# compatibility_mode=8192 67108863 100 0 7508 7508 0 0
# scanned=24
# found=0
# cleaned=0
# scan_time=15
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 02:13:44
# local_time=2011-11-17 03:13:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 11865 73166173 0 0
# compatibility_mode=8192 67108863 100 0 7634 7634 0 0
# scanned=122278
# found=0
# cleaned=0
# scan_time=2901
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 03:06:35
# local_time=2011-11-17 04:06:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 14868 73169176 0 0
# compatibility_mode=8192 67108863 100 0 10637 10637 0 0
# scanned=137151
# found=1
# cleaned=0
# scan_time=3069
D:\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 06:54:46
# local_time=2011-11-17 07:54:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 6741 73182140 0 0
# compatibility_mode=8192 67108863 100 0 23601 23601 0 0
# scanned=144968
# found=1
# cleaned=0
# scan_time=3796
D:\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I

Zitat:

D:\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe

Lass die Finger von Softonic!!!

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Hallo Arne,

Hab heut morgen erst gesehen, dass es auf der zweiten Seite weitergeht.

Hier der Text von OTL:OTL Logfile:

Code:

OTL logfile created on: 11/18/2011 12:47:42 PM - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Anne-Sophie\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3.85 Gb Total Physical Memory | 2.80 Gb Available Physical Memory | 72.71% Memory free

7.71 Gb Paging File | 6.62 Gb Available in Paging File | 85.88% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 166.00 Gb Total Space | 134.17 Gb Free Space | 80.82% Space Free | Partition Type: NTFS

Drive D: | 279.66 Gb Total Space | 161.29 Gb Free Space | 57.67% Space Free | Partition Type: NTFS

Drive H: | 111.79 Gb Total Space | 69.31 Gb Free Space | 62.01% Space Free | Partition Type: NTFS

 

Computer Name: ACHIM | User Name: Anne-Sophie | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011/11/18 12:44:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Anne-Sophie\Desktop\OTL.exe

PRC - [2010/05/06 07:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

PRC - [2010/02/10 15:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe

PRC - [2010/01/19 03:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

PRC - [2009/09/20 11:36:12 | 000,270,336 | ---- | M] (Hewlett-Packard Co.) -- D:\Programme\Digital Imaging\bin\hpqtra08.exe

PRC - [2009/09/20 11:07:24 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- D:\Programme\Digital Imaging\bin\hpqbam08.exe

PRC - [2009/09/20 11:07:24 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- D:\Programme\Digital Imaging\bin\hpqste08.exe

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/07/07 19:50:56 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2010/06/01 07:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/09/20 11:36:12 | 000,249,344 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- D:\Programme\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)

SRV - [2009/09/20 11:24:02 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\Programme\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)

SRV - [2009/09/20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- D:\Programme\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/03/05 10:54:50 | 000,311,296 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011/01/15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)

DRV:64bit: - [2010/12/16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/07/07 20:30:10 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/07/07 19:15:44 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/06/10 20:45:38 | 001,605,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010/04/27 08:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/04/01 01:25:14 | 000,136,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2010/03/31 01:35:26 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)

DRV:64bit: - [2010/02/27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)

DRV:64bit: - [2010/01/29 08:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/09/28 10:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)

DRV - [2011/04/11 10:33:28 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Samsung | MSN

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Samsung | MSN

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Samsung | MSN

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Search Results"

FF - prefs.js..browser.search.order.1: "Search Results"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?cplp=1308837846503"

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1

FF - prefs.js..extensions.enabledItems: {d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}:2.0.6

FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51

FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="

FF - prefs.js..network.proxy.http: "127.0.0.1 445"

FF - prefs.js..network.proxy.http_port: 60040

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\Programme\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/06 21:57:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/11 07:43:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/22 17:39:53 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\Programme\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/06 21:57:21 | 000,000,000 | ---D | M]

 

[2011/07/27 20:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Extensions

[2011/11/18 12:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Firefox\Profiles\d51rcdsi.default\extensions

[2011/06/22 18:01:40 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Firefox\Profiles\d51rcdsi.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}

[2011/07/10 08:02:19 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Firefox\Profiles\d51rcdsi.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2011/06/06 08:16:39 | 000,000,000 | ---D | M] (Ecosia - The Green Search) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Firefox\Profiles\d51rcdsi.default\extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}

[2011/11/09 10:49:21 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Firefox\Profiles\d51rcdsi.default\extensions\piclens@cooliris.com

[2011/11/18 12:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anne-Sophie\AppData\Roaming\mozilla\Firefox\Profiles\d51rcdsi.default\extensions\staged

[2011/06/06 08:16:41 | 000,005,212 | ---- | M] () -- C:\Users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\searchplugins\ecosia.xml

[2011/07/27 20:03:20 | 000,002,501 | ---- | M] () -- C:\Users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\searchplugins\SearchResults.xml

[2011/07/27 20:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

() (No name found) -- C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\EXTENSIONS\{28197867-B1EF-4140-8E3B-55C45B9C8460}.XPI

() (No name found) -- C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI

() (No name found) -- C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI

() (No name found) -- C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\EXTENSIONS\PLAYDRUMS@PLAYDRUMS.FR.XPI

[2011/11/11 07:43:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/10/04 16:49:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011/10/04 16:49:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/10/04 16:49:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011/10/04 16:49:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011/06/06 23:12:46 | 000,001,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml

[2011/07/27 20:03:20 | 000,002,501 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml

[2011/10/04 16:49:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011/10/04 16:49:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - Extension: No name found = C:\Users\Anne-Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\

CHR - Extension: No name found = C:\Users\Anne-Sophie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_1\

 

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - D:\Programme\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Programme\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Programme\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.33 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E83D437-7FBE-4366-A384-649368F8DCC1}: DhcpNameServer = 141.53.9.12

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1C6E7FF-A4DC-45A3-B910-378AC87A208D}: DhcpNameServer = 83.169.184.33 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell - "" = AutoRun

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell\AutoRun\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell\configure\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell\install\command - "" = G:\SETUP.EXE

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

MsConfig:64bit - StartUpFolder: C:^Users^Anne-Sophie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\ANNE-S~1\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: ETDWare - hkey= - key= - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

MsConfig:64bit - StartUpReg: mcui_exe - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: Norton Online Backup - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)

MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

MsConfig:64bit - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

MsConfig:64bit - StartUpReg: StartCCC - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig:64bit - State: "services" - Reg Error: Key error.

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: MCODS - Reg Error: Value error.

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: MCODS - Reg Error: Value error.

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: MCODS - Reg Error: Value error.

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: MCODS - Reg Error: Value error.

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011/11/18 12:44:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Anne-Sophie\Desktop\OTL.exe

[2011/11/17 13:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011/11/17 13:16:00 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Anne-Sophie\Desktop\esetsmartinstaller_enu.exe

[2011/11/17 11:39:08 | 000,000,000 | ---D | C] -- C:\Users\Anne-Sophie\AppData\Roaming\Malwarebytes

[2011/11/17 11:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/11/17 11:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/11/17 11:38:56 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/11/17 11:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/11/10 18:10:08 | 000,000,000 | ---D | C] -- C:\Users\Anne-Sophie\AppData\Local\Apple Computer

[2011/11/10 18:10:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2011/11/10 18:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2011/11/10 18:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2011/11/10 18:07:35 | 000,000,000 | ---D | C] -- C:\Users\Anne-Sophie\AppData\Local\Apple

[2011/11/10 18:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2011/11/10 18:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2011/11/10 14:53:41 | 000,000,000 | ---D | C] -- C:\Users\Anne-Sophie\AppData\Local\Audible

[2011/11/10 14:45:37 | 000,000,000 | ---D | C] -- D:\Eigene Dateien\Documents\Audible

[2011/11/10 14:45:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible

[2011/11/09 10:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems

[2011/11/08 07:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP

 
 ========== Files - Modified Within 30 Days ==========

 

[2011/11/18 12:46:42 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/18 12:46:42 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/18 12:44:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Anne-Sophie\Desktop\OTL.exe

[2011/11/18 12:39:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/11/18 12:39:25 | 4137,852,928 | -HS- | M] () -- C:\hiberfil.sys

[2011/11/17 18:20:05 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/11/17 18:20:05 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011/11/17 18:20:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/11/17 18:20:05 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011/11/17 18:20:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/11/17 13:16:19 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Anne-Sophie\Desktop\esetsmartinstaller_enu.exe

[2011/11/17 11:39:00 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/17 09:02:48 | 000,000,000 | ---- | M] () -- C:\Users\Anne-Sophie\defogger_reenable

[2011/11/17 09:00:56 | 000,050,477 | ---- | M] () -- C:\Users\Anne-Sophie\Desktop\Defogger.exe

[2011/11/10 08:42:37 | 000,413,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/11/09 10:16:36 | 000,001,594 | ---- | M] () -- C:\Windows\VPNUnInstall.MIF

[2011/11/09 10:09:15 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF

[2011/10/25 19:33:14 | 000,000,019 | ---- | M] () -- C:\Windows\popcinfo.dat

 
 ========== Files Created - No Company Name ==========

 

[2011/11/17 11:39:00 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/17 09:02:48 | 000,000,000 | ---- | C] () -- C:\Users\Anne-Sophie\defogger_reenable

[2011/11/17 09:02:25 | 000,050,477 | ---- | C] () -- C:\Users\Anne-Sophie\Desktop\Defogger.exe

[2011/11/09 10:15:34 | 000,001,594 | ---- | C] () -- C:\Windows\VPNUnInstall.MIF

[2011/11/09 10:07:51 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF

[2011/09/15 15:32:13 | 000,000,295 | ---- | C] () -- C:\Windows\MindMan.INI

[2011/07/24 11:43:53 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat

[2011/06/07 18:21:13 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011/06/06 21:52:06 | 000,245,261 | ---- | C] () -- C:\Windows\hpoins19.dat

[2011/06/06 21:52:06 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat

[2011/06/06 19:39:19 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp

[2011/06/05 22:38:16 | 003,131,248 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/06/04 14:03:23 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/11/24 20:19:19 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010/11/24 04:33:24 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe

[2010/11/24 04:05:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010/11/24 03:17:52 | 000,002,614 | ---- | C] () -- C:\Windows\HotFixList.ini

[2010/11/24 03:09:43 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\Rezip.exe

[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin

[2009/07/13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin

[2009/07/13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin

[2009/07/13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 
 ========== LOP Check ==========

 

[2011/06/06 20:02:34 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Dropbox

[2011/06/07 15:28:06 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\funkitron

[2011/06/06 20:50:19 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\SoftGrid Client

[2011/06/05 22:39:06 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\TP

[2011/10/11 15:04:35 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011/09/22 14:06:45 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Adobe

[2011/06/04 14:19:11 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\ATI

[2011/06/06 20:02:34 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Dropbox

[2011/06/07 15:28:06 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\funkitron

[2011/06/14 11:45:59 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\HP

[2011/06/04 14:18:31 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Identities

[2011/06/05 23:11:10 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Macromedia

[2011/11/17 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Malwarebytes

[2010/11/24 20:32:43 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Media Center Programs

[2011/11/15 09:23:47 | 000,000,000 | --SD | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Microsoft

[2011/06/05 22:26:53 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Mozilla

[2011/10/19 20:58:19 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\Skype

[2011/10/19 20:45:34 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\skypePM

[2011/06/06 20:50:19 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\SoftGrid Client

[2011/06/05 22:39:06 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\TP

[2011/07/27 20:12:19 | 000,000,000 | ---D | M] -- C:\Users\Anne-Sophie\AppData\Roaming\vlc

 
 < %APPDATA%\*.exe /s >

[2011/05/25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anne-Sophie\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2011/05/25 21:07:42 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anne-Sophie\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2011/11/06 14:17:12 | 000,425,984 | ---- | M] () -- C:\Users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe

[2011/11/06 14:17:12 | 000,545,792 | ---- | M] () -- C:\Users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe

 
 < %SYSTEMDRIVE%\*.exe >

 

 
 < MD5 for: AGP440.SYS  >

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTOR.SYS  >

[2010/04/27 08:57:04 | 000,540,696 | ---- | M] (Intel Corporation) MD5=A5F72BB0D024E7E463344105BE613AE4 -- C:\Windows\SysNative\drivers\iaStor.sys

[2010/04/27 08:57:04 | 000,540,696 | ---- | M] (Intel Corporation) MD5=A5F72BB0D024E7E463344105BE613AE4 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_c62e28b241ae90ea\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\drivers\iaStorV.sys

[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\drivers\nvstor.sys

[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010/11/20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010/11/20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2009/07/14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[2009/07/14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

[2010/11/20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010/11/20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 <           >

 
 ========== Files - Unicode (All) ==========

[2011/10/11 21:56:42 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Ì) -- C:\Windows\SysNative\댰Ì

[2011/10/11 21:56:42 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Ì) -- C:\Windows\SysNative\댰Ì

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:FACB65E7

@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:268F887D

@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:5C270C64

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8530A643
 

< End of report >

--- --- ---

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

FF - prefs.js..browser.search.defaultenginename: "Search Results"

FF - prefs.js..browser.search.order.1: "Search Results"

FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q="

FF - prefs.js..network.proxy.http: "127.0.0.1 445"

FF - prefs.js..network.proxy.http_port: 60040

[2011/07/27 20:03:20 | 000,002,501 | ---- | M] () -- C:\Users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\searchplugins\SearchResults.xml

[2011/07/27 20:03:20 | 000,002,501 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell - "" = AutoRun

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell\AutoRun\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell\configure\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\Shell\install\command - "" = G:\SETUP.EXE

[2011/11/08 07:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP

[2011/10/11 21:56:42 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Ì) -- C:\Windows\SysNative\?Ì

[2011/10/11 21:56:42 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Ì) -- C:\Windows\SysNative\?Ì

@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:FACB65E7

@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:268F887D

@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:5C270C64

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8530A643

:Commands

[emptytemp]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Hallo Arne,

Hier der OTL text nach dem Fix:

All processes killed
========== OTL ==========
Prefs.js: "Search Results" removed from browser.search.defaultenginename
Prefs.js: "Search Results" removed from browser.search.order.1
Prefs.js: "hxxp://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&q=" removed from keyword.URL
Prefs.js: "127.0.0.1 445" removed from network.proxy.http
Prefs.js: 60040 removed from network.proxy.http_port
C:\Users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\searchplugins\SearchResults.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
File G:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
File G:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{688b3118-9076-11e0-88d0-0024542d7a3f}\ not found.
File G:\SETUP.EXE not found.
C:\Program Files (x86)\LP\A3FC folder moved successfully.
C:\Program Files (x86)\LP folder moved successfully.
File C:\Windows\SysNative\?Ì not found.
File C:\Windows\SysNative\?Ì not found.
ADS C:\ProgramData\Temp:FACB65E7 deleted successfully.
ADS C:\ProgramData\Temp:268F887D deleted successfully.
ADS C:\ProgramData\Temp:5C270C64 deleted successfully.
ADS C:\ProgramData\Temp:8530A643 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Anne-Sophie
->Temp folder emptied: 701123137 bytes
->Temporary Internet Files folder emptied: 4908590 bytes
->FireFox cache emptied: 200813218 bytes
->Google Chrome cache emptied: 1905008 bytes
->Flash cache emptied: 181910686 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 180007162 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53591 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,212.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11182011_190044

Files\Folders moved on Reboot...
C:\Users\Anne-Sophie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

LG Anne

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Das ging schnell :-)

Hier ist die Text-datei:

19:43:54.0031 3788 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
19:43:54.0187 3788 ============================================================
19:43:54.0187 3788 Current date / time: 2011/11/18 19:43:54.0187
19:43:54.0187 3788 SystemInfo:
19:43:54.0187 3788
19:43:54.0187 3788 OS Version: 6.1.7601 ServicePack: 1.0
19:43:54.0187 3788 Product type: Workstation
19:43:54.0187 3788 ComputerName: ACHIM
19:43:54.0187 3788 UserName: Anne-Sophie
19:43:54.0187 3788 Windows directory: C:\Windows
19:43:54.0187 3788 System windows directory: C:\Windows
19:43:54.0187 3788 Running under WOW64
19:43:54.0187 3788 Processor architecture: Intel x64
19:43:54.0187 3788 Number of processors: 4
19:43:54.0187 3788 Page size: 0x1000
19:43:54.0187 3788 Boot type: Normal boot
19:43:54.0187 3788 ============================================================
19:43:54.0655 3788 Initialize success
19:44:07.0697 3564 ============================================================
19:44:07.0697 3564 Scan started
19:44:07.0697 3564 Mode: Manual; SigCheck; TDLFS;
19:44:07.0697 3564 ============================================================
19:44:08.0134 3564 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:44:08.0290 3564 1394ohci - ok
19:44:08.0414 3564 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:44:08.0446 3564 ACPI - ok
19:44:08.0555 3564 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:44:08.0648 3564 AcpiPmi - ok
19:44:08.0773 3564 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:44:08.0804 3564 adp94xx - ok
19:44:08.0914 3564 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:44:08.0945 3564 adpahci - ok
19:44:09.0054 3564 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:44:09.0085 3564 adpu320 - ok
19:44:09.0132 3564 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
19:44:09.0194 3564 AFD - ok
19:44:09.0304 3564 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:44:09.0319 3564 agp440 - ok
19:44:09.0460 3564 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:44:09.0475 3564 aliide - ok
19:44:09.0600 3564 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:44:09.0616 3564 amdide - ok
19:44:09.0725 3564 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:44:09.0787 3564 AmdK8 - ok
19:44:10.0021 3564 amdkmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys
19:44:10.0271 3564 amdkmdag - ok
19:44:10.0364 3564 amdkmdap (99ab7e4b24c80155dc4296f657faf3c7) C:\Windows\system32\DRIVERS\atikmpag.sys
19:44:10.0427 3564 amdkmdap - ok
19:44:10.0520 3564 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:44:10.0567 3564 AmdPPM - ok
19:44:10.0692 3564 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
19:44:10.0708 3564 amdsata - ok
19:44:10.0817 3564 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:44:10.0832 3564 amdsbs - ok
19:44:10.0957 3564 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
19:44:10.0973 3564 amdxata - ok
19:44:11.0098 3564 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:44:11.0269 3564 AppID - ok
19:44:11.0378 3564 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:44:11.0410 3564 arc - ok
19:44:11.0441 3564 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:44:11.0441 3564 arcsas - ok
19:44:11.0534 3564 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:44:11.0690 3564 AsyncMac - ok
19:44:11.0800 3564 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:44:11.0815 3564 atapi - ok
19:44:11.0940 3564 athr (2c0bb386e86670bb1b1a57caaef3e50d) C:\Windows\system32\DRIVERS\athrx.sys
19:44:12.0034 3564 athr - ok
19:44:12.0174 3564 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
19:44:12.0205 3564 AtiHdmiService - ok
19:44:12.0346 3564 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:44:12.0392 3564 b06bdrv - ok
19:44:12.0502 3564 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:44:12.0548 3564 b57nd60a - ok
19:44:12.0673 3564 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:44:12.0767 3564 Beep - ok
19:44:12.0892 3564 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:44:12.0938 3564 blbdrive - ok
19:44:13.0063 3564 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:44:13.0110 3564 bowser - ok
19:44:13.0219 3564 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:44:13.0297 3564 BrFiltLo - ok
19:44:13.0391 3564 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:44:13.0422 3564 BrFiltUp - ok
19:44:13.0547 3564 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:44:13.0609 3564 Brserid - ok
19:44:13.0718 3564 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:44:13.0781 3564 BrSerWdm - ok
19:44:13.0874 3564 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:44:13.0921 3564 BrUsbMdm - ok
19:44:14.0030 3564 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:44:14.0062 3564 BrUsbSer - ok
19:44:14.0171 3564 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:44:14.0233 3564 BthEnum - ok
19:44:14.0327 3564 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:44:14.0374 3564 BTHMODEM - ok
19:44:14.0467 3564 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:44:14.0545 3564 BthPan - ok
19:44:14.0654 3564 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:44:14.0717 3564 BTHPORT - ok
19:44:14.0826 3564 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:44:14.0857 3564 BTHUSB - ok
19:44:14.0951 3564 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:44:15.0029 3564 cdfs - ok
19:44:15.0154 3564 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:44:15.0200 3564 cdrom - ok
19:44:15.0325 3564 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:44:15.0388 3564 circlass - ok
19:44:15.0481 3564 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:44:15.0497 3564 CLFS - ok
19:44:15.0653 3564 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:44:15.0684 3564 CmBatt - ok
19:44:15.0715 3564 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:44:15.0746 3564 cmdide - ok
19:44:15.0840 3564 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
19:44:15.0887 3564 CNG - ok
19:44:15.0980 3564 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:44:16.0012 3564 Compbatt - ok
19:44:16.0043 3564 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:44:16.0090 3564 CompositeBus - ok
19:44:16.0199 3564 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:44:16.0214 3564 crcdisk - ok
19:44:16.0355 3564 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
19:44:16.0402 3564 CVirtA - ok
19:44:16.0526 3564 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:44:16.0604 3564 DfsC - ok
19:44:16.0729 3564 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:44:16.0807 3564 discache - ok
19:44:16.0916 3564 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:44:16.0948 3564 Disk - ok
19:44:17.0057 3564 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
19:44:17.0072 3564 DNE - ok
19:44:17.0213 3564 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
19:44:17.0244 3564 Dot4 - ok
19:44:17.0353 3564 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
19:44:17.0384 3564 Dot4Print - ok
19:44:17.0509 3564 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
19:44:17.0540 3564 dot4usb - ok
19:44:17.0665 3564 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:44:17.0696 3564 drmkaud - ok
19:44:17.0821 3564 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:44:17.0852 3564 DXGKrnl - ok
19:44:18.0024 3564 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:44:18.0164 3564 ebdrv - ok
19:44:18.0305 3564 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
19:44:18.0320 3564 ElbyCDIO - ok
19:44:18.0430 3564 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:44:18.0461 3564 elxstor - ok
19:44:18.0570 3564 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:44:18.0601 3564 ErrDev - ok
19:44:18.0710 3564 ETD (438021c3f32f30e227d0f5dfd118b7b1) C:\Windows\system32\DRIVERS\ETD.sys
19:44:18.0757 3564 ETD - ok
19:44:18.0851 3564 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:44:18.0929 3564 exfat - ok
19:44:19.0022 3564 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:44:19.0085 3564 fastfat - ok
19:44:19.0194 3564 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:44:19.0225 3564 fdc - ok
19:44:19.0319 3564 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:44:19.0350 3564 FileInfo - ok
19:44:19.0366 3564 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:44:19.0444 3564 Filetrace - ok
19:44:19.0537 3564 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:44:19.0584 3564 flpydisk - ok
19:44:19.0678 3564 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:44:19.0709 3564 FltMgr - ok
19:44:19.0802 3564 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:44:19.0834 3564 FsDepends - ok
19:44:19.0865 3564 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:44:19.0896 3564 Fs_Rec - ok
19:44:19.0974 3564 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:44:20.0005 3564 fvevol - ok
19:44:20.0052 3564 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:44:20.0068 3564 gagp30kx - ok
19:44:20.0130 3564 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:44:20.0177 3564 hcw85cir - ok
19:44:20.0302 3564 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:44:20.0348 3564 HdAudAddService - ok
19:44:20.0473 3564 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:44:20.0520 3564 HDAudBus - ok
19:44:20.0598 3564 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:44:20.0645 3564 HidBatt - ok
19:44:20.0645 3564 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:44:20.0676 3564 HidBth - ok
19:44:20.0770 3564 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:44:20.0816 3564 HidIr - ok
19:44:20.0941 3564 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:44:20.0988 3564 HidUsb - ok
19:44:21.0128 3564 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:44:21.0144 3564 HpSAMD - ok
19:44:21.0269 3564 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:44:21.0347 3564 HTTP - ok
19:44:21.0456 3564 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:44:21.0472 3564 hwpolicy - ok
19:44:21.0534 3564 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:44:21.0565 3564 i8042prt - ok
19:44:21.0643 3564 iaStor (a5f72bb0d024e7e463344105be613ae4) C:\Windows\system32\DRIVERS\iaStor.sys
19:44:21.0674 3564 iaStor - ok
19:44:21.0799 3564 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
19:44:21.0830 3564 iaStorV - ok
19:44:22.0049 3564 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:44:22.0236 3564 igfx - ok
19:44:22.0345 3564 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:44:22.0361 3564 iirsp - ok
19:44:22.0423 3564 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
19:44:22.0454 3564 Impcd - ok
19:44:22.0610 3564 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
19:44:22.0657 3564 IntcAzAudAddService - ok
19:44:22.0782 3564 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:44:22.0798 3564 intelide - ok
19:44:22.0907 3564 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:44:22.0938 3564 intelppm - ok
19:44:23.0063 3564 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:44:23.0125 3564 IpFilterDriver - ok
19:44:23.0172 3564 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:44:23.0234 3564 IPMIDRV - ok
19:44:23.0328 3564 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:44:23.0390 3564 IPNAT - ok
19:44:23.0500 3564 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:44:23.0531 3564 IRENUM - ok
19:44:23.0656 3564 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:44:23.0671 3564 isapnp - ok
19:44:23.0765 3564 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:44:23.0796 3564 iScsiPrt - ok
19:44:23.0905 3564 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:44:23.0936 3564 kbdclass - ok
19:44:24.0046 3564 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:44:24.0077 3564 kbdhid - ok
19:44:24.0186 3564 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
19:44:24.0202 3564 KSecDD - ok
19:44:24.0233 3564 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
19:44:24.0248 3564 KSecPkg - ok
19:44:24.0342 3564 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:44:24.0420 3564 ksthunk - ok
19:44:24.0529 3564 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:44:24.0607 3564 lltdio - ok
19:44:24.0732 3564 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:44:24.0748 3564 LSI_FC - ok
19:44:24.0872 3564 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:44:24.0888 3564 LSI_SAS - ok
19:44:24.0997 3564 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:44:25.0028 3564 LSI_SAS2 - ok
19:44:25.0138 3564 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:44:25.0169 3564 LSI_SCSI - ok
19:44:25.0184 3564 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:44:25.0247 3564 luafv - ok
19:44:25.0372 3564 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:44:25.0387 3564 megasas - ok
19:44:25.0496 3564 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:44:25.0528 3564 MegaSR - ok
19:44:25.0559 3564 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:44:25.0637 3564 Modem - ok
19:44:25.0746 3564 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:44:25.0777 3564 monitor - ok
19:44:25.0886 3564 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:44:25.0918 3564 mouclass - ok
19:44:26.0011 3564 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:44:26.0058 3564 mouhid - ok
19:44:26.0152 3564 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:44:26.0167 3564 mountmgr - ok
19:44:26.0214 3564 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:44:26.0230 3564 mpio - ok
19:44:26.0323 3564 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:44:26.0401 3564 mpsdrv - ok
19:44:26.0495 3564 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:44:26.0604 3564 MRxDAV - ok
19:44:26.0698 3564 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:44:26.0744 3564 mrxsmb - ok
19:44:26.0838 3564 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:44:26.0885 3564 mrxsmb10 - ok
19:44:26.0978 3564 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:44:27.0025 3564 mrxsmb20 - ok
19:44:27.0134 3564 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:44:27.0150 3564 msahci - ok
19:44:27.0259 3564 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:44:27.0275 3564 msdsm - ok
19:44:27.0384 3564 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:44:27.0446 3564 Msfs - ok
19:44:27.0478 3564 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:44:27.0524 3564 mshidkmdf - ok
19:44:27.0602 3564 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:44:27.0618 3564 msisadrv - ok
19:44:27.0743 3564 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:44:27.0805 3564 MSKSSRV - ok
19:44:27.0899 3564 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:44:27.0961 3564 MSPCLOCK - ok
19:44:28.0055 3564 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:44:28.0133 3564 MSPQM - ok
19:44:28.0242 3564 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:44:28.0273 3564 MsRPC - ok
19:44:28.0382 3564 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:44:28.0398 3564 mssmbios - ok
19:44:28.0507 3564 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:44:28.0570 3564 MSTEE - ok
19:44:28.0648 3564 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:44:28.0694 3564 MTConfig - ok
19:44:28.0804 3564 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:44:28.0819 3564 Mup - ok
19:44:28.0944 3564 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:44:28.0991 3564 NativeWifiP - ok
19:44:29.0147 3564 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:44:29.0178 3564 NDIS - ok
19:44:29.0287 3564 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:44:29.0350 3564 NdisCap - ok
19:44:29.0459 3564 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:44:29.0537 3564 NdisTapi - ok
19:44:29.0646 3564 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:44:29.0724 3564 Ndisuio - ok
19:44:29.0818 3564 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:44:29.0896 3564 NdisWan - ok
19:44:30.0005 3564 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:44:30.0083 3564 NDProxy - ok
19:44:30.0208 3564 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:44:30.0286 3564 NetBIOS - ok
19:44:30.0379 3564 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:44:30.0442 3564 NetBT - ok
19:44:30.0566 3564 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:44:30.0598 3564 nfrd960 - ok
19:44:30.0707 3564 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:44:30.0769 3564 Npfs - ok
19:44:30.0878 3564 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:44:30.0941 3564 nsiproxy - ok
19:44:31.0081 3564 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
19:44:31.0128 3564 Ntfs - ok
19:44:31.0222 3564 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:44:31.0300 3564 Null - ok
19:44:31.0424 3564 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
19:44:31.0440 3564 nvraid - ok
19:44:31.0565 3564 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
19:44:31.0580 3564 nvstor - ok
19:44:31.0690 3564 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:44:31.0721 3564 nv_agp - ok
19:44:31.0830 3564 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:44:31.0877 3564 ohci1394 - ok
19:44:32.0017 3564 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:44:32.0048 3564 Parport - ok
19:44:32.0095 3564 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:44:32.0095 3564 partmgr - ok
19:44:32.0204 3564 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:44:32.0220 3564 pci - ok
19:44:32.0251 3564 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:44:32.0267 3564 pciide - ok
19:44:32.0360 3564 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:44:32.0392 3564 pcmcia - ok
19:44:32.0407 3564 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:44:32.0423 3564 pcw - ok
19:44:32.0516 3564 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:44:32.0610 3564 PEAUTH - ok
19:44:32.0782 3564 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:44:32.0844 3564 PptpMiniport - ok
19:44:32.0938 3564 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:44:32.0984 3564 Processor - ok
19:44:33.0109 3564 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:44:33.0187 3564 Psched - ok
19:44:33.0328 3564 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:44:33.0374 3564 ql2300 - ok
19:44:33.0468 3564 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:44:33.0499 3564 ql40xx - ok
19:44:33.0530 3564 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:44:33.0577 3564 QWAVEdrv - ok
19:44:33.0671 3564 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:44:33.0733 3564 RasAcd - ok
19:44:33.0827 3564 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:44:33.0889 3564 RasAgileVpn - ok
19:44:33.0936 3564 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:44:34.0014 3564 Rasl2tp - ok
19:44:34.0123 3564 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:44:34.0170 3564 RasPppoe - ok
19:44:34.0279 3564 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:44:34.0357 3564 RasSstp - ok
19:44:34.0466 3564 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:44:34.0544 3564 rdbss - ok
19:44:34.0638 3564 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:44:34.0669 3564 rdpbus - ok
19:44:34.0763 3564 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:44:34.0856 3564 RDPCDD - ok
19:44:34.0966 3564 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:44:35.0028 3564 RDPENCDD - ok
19:44:35.0137 3564 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:44:35.0215 3564 RDPREFMP - ok
19:44:35.0309 3564 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:44:35.0387 3564 RDPWD - ok
19:44:35.0496 3564 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:44:35.0527 3564 rdyboost - ok
19:44:35.0683 3564 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:44:35.0730 3564 RFCOMM - ok
19:44:35.0839 3564 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:44:35.0902 3564 rspndr - ok
19:44:36.0011 3564 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:44:36.0042 3564 RTL8167 - ok
19:44:36.0136 3564 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\Windows\SysWOW64\drivers\rtport.sys
19:44:36.0151 3564 rtport - ok
19:44:36.0229 3564 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
19:44:36.0260 3564 SABI - ok
19:44:36.0370 3564 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:44:36.0385 3564 sbp2port - ok
19:44:36.0494 3564 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:44:36.0557 3564 scfilter - ok
19:44:36.0682 3564 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:44:36.0775 3564 secdrv - ok
19:44:36.0884 3564 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:44:36.0931 3564 Serenum - ok
19:44:37.0040 3564 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:44:37.0087 3564 Serial - ok
19:44:37.0181 3564 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:44:37.0228 3564 sermouse - ok
19:44:37.0337 3564 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:44:37.0384 3564 sffdisk - ok
19:44:37.0477 3564 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:44:37.0508 3564 sffp_mmc - ok
19:44:37.0618 3564 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:44:37.0649 3564 sffp_sd - ok
19:44:37.0742 3564 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:44:37.0774 3564 sfloppy - ok
19:44:37.0898 3564 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:44:37.0930 3564 SiSRaid2 - ok
19:44:38.0023 3564 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:44:38.0039 3564 SiSRaid4 - ok
19:44:38.0148 3564 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:44:38.0226 3564 Smb - ok
19:44:38.0335 3564 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:44:38.0351 3564 spldr - ok
19:44:38.0460 3564 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:44:38.0507 3564 srv - ok
19:44:38.0616 3564 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:44:38.0678 3564 srv2 - ok
19:44:38.0803 3564 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:44:38.0834 3564 srvnet - ok
19:44:38.0959 3564 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:44:38.0975 3564 stexstor - ok
19:44:39.0084 3564 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:44:39.0100 3564 swenum - ok
19:44:39.0271 3564 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:44:39.0318 3564 Tcpip - ok
19:44:39.0458 3564 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:44:39.0505 3564 TCPIP6 - ok
19:44:39.0599 3564 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:44:39.0692 3564 tcpipreg - ok
19:44:39.0770 3564 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:44:39.0864 3564 TDPIPE - ok
19:44:39.0958 3564 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:44:40.0020 3564 TDTCP - ok
19:44:40.0051 3564 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:44:40.0114 3564 tdx - ok
19:44:40.0223 3564 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:44:40.0238 3564 TermDD - ok
19:44:40.0363 3564 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:44:40.0441 3564 tssecsrv - ok
19:44:40.0550 3564 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:44:40.0597 3564 TsUsbFlt - ok
19:44:40.0722 3564 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:44:40.0800 3564 tunnel - ok
19:44:40.0909 3564 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:44:40.0925 3564 uagp35 - ok
19:44:41.0034 3564 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:44:41.0128 3564 udfs - ok
19:44:41.0237 3564 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:44:41.0252 3564 uliagpkx - ok
19:44:41.0362 3564 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:44:41.0393 3564 umbus - ok
19:44:41.0502 3564 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:44:41.0518 3564 UmPass - ok
19:44:41.0627 3564 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
19:44:41.0658 3564 usbccgp - ok
19:44:41.0752 3564 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:44:41.0798 3564 usbcir - ok
19:44:41.0908 3564 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
19:44:41.0939 3564 usbehci - ok
19:44:42.0064 3564 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
19:44:42.0095 3564 usbhub - ok
19:44:42.0204 3564 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
19:44:42.0235 3564 usbohci - ok
19:44:42.0329 3564 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:44:42.0360 3564 usbprint - ok
19:44:42.0469 3564 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:44:42.0500 3564 usbscan - ok
19:44:42.0625 3564 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:44:42.0656 3564 USBSTOR - ok
19:44:42.0766 3564 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
19:44:42.0797 3564 usbuhci - ok
19:44:42.0922 3564 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:44:42.0968 3564 usbvideo - ok
19:44:43.0093 3564 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
19:44:43.0124 3564 VClone - ok
19:44:43.0249 3564 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:44:43.0265 3564 vdrvroot - ok
19:44:43.0358 3564 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:44:43.0390 3564 vga - ok
19:44:43.0499 3564 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:44:43.0561 3564 VgaSave - ok
19:44:43.0670 3564 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:44:43.0702 3564 vhdmp - ok
19:44:43.0795 3564 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:44:43.0811 3564 viaide - ok
19:44:43.0936 3564 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:44:43.0951 3564 volmgr - ok
19:44:44.0060 3564 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:44:44.0092 3564 volmgrx - ok
19:44:44.0138 3564 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:44:44.0154 3564 volsnap - ok
19:44:44.0263 3564 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:44:44.0279 3564 vsmraid - ok
19:44:44.0310 3564 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:44:44.0341 3564 vwifibus - ok
19:44:44.0450 3564 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:44:44.0482 3564 vwififlt - ok
19:44:44.0606 3564 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:44:44.0638 3564 WacomPen - ok
19:44:44.0747 3564 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:44:44.0809 3564 WANARP - ok
19:44:44.0825 3564 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:44:44.0856 3564 Wanarpv6 - ok
19:44:44.0965 3564 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:44:44.0981 3564 Wd - ok
19:44:45.0106 3564 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:44:45.0137 3564 Wdf01000 - ok
19:44:45.0277 3564 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:44:45.0324 3564 WfpLwf - ok
19:44:45.0433 3564 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:44:45.0449 3564 WIMMount - ok
19:44:45.0589 3564 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:44:45.0636 3564 WinUsb - ok
19:44:45.0761 3564 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:44:45.0792 3564 WmiAcpi - ok
19:44:45.0917 3564 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:44:45.0979 3564 ws2ifsl - ok
19:44:46.0088 3564 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:44:46.0151 3564 WudfPf - ok
19:44:46.0260 3564 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:44:46.0322 3564 WUDFRd - ok
19:44:46.0447 3564 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
19:44:46.0510 3564 yukonw7 - ok
19:44:46.0556 3564 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
19:44:46.0884 3564 \Device\Harddisk0\DR0 - ok
19:44:46.0884 3564 Boot (0x1200) (98fa392a7f5f4a5eae8d5aa6861452c8) \Device\Harddisk0\DR0\Partition0
19:44:46.0884 3564 \Device\Harddisk0\DR0\Partition0 - ok
19:44:46.0915 3564 Boot (0x1200) (cc75d30f2f0698386f4ed95d4252d4b1) \Device\Harddisk0\DR0\Partition1
19:44:46.0915 3564 \Device\Harddisk0\DR0\Partition1 - ok
19:44:46.0931 3564 Boot (0x1200) (605c74d0e2f457ca77f95b0a7a191e53) \Device\Harddisk0\DR0\Partition2
19:44:46.0931 3564 \Device\Harddisk0\DR0\Partition2 - ok
19:44:46.0931 3564 ============================================================
19:44:46.0931 3564 Scan finished
19:44:46.0931 3564 ============================================================
19:44:46.0946 2940 Detected object count: 0
19:44:46.0946 2940 Actual detected object count: 0
19:45:17.0912 2272 ============================================================
19:45:17.0912 2272 Scan started
19:45:17.0912 2272 Mode: Manual; SigCheck; TDLFS;
19:45:17.0912 2272 ============================================================
19:45:18.0084 2272 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:45:18.0131 2272 1394ohci - ok
19:45:18.0240 2272 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:45:18.0271 2272 ACPI - ok
19:45:18.0365 2272 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:45:18.0396 2272 AcpiPmi - ok
19:45:18.0490 2272 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:45:18.0521 2272 adp94xx - ok
19:45:18.0630 2272 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:45:18.0661 2272 adpahci - ok
19:45:18.0677 2272 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:45:18.0692 2272 adpu320 - ok
19:45:18.0786 2272 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
19:45:18.0817 2272 AFD - ok
19:45:18.0926 2272 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:45:18.0942 2272 agp440 - ok
19:45:18.0973 2272 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:45:18.0989 2272 aliide - ok
19:45:19.0082 2272 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:45:19.0098 2272 amdide - ok
19:45:19.0192 2272 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:45:19.0207 2272 AmdK8 - ok
19:45:19.0379 2272 amdkmdag (3d07f9c090c7a1d76d624972a5384471) C:\Windows\system32\DRIVERS\atikmdag.sys
19:45:19.0457 2272 amdkmdag - ok
19:45:19.0628 2272 amdkmdap (99ab7e4b24c80155dc4296f657faf3c7) C:\Windows\system32\DRIVERS\atikmpag.sys
19:45:19.0660 2272 amdkmdap - ok
19:45:19.0691 2272 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:45:19.0706 2272 AmdPPM - ok
19:45:19.0800 2272 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
19:45:19.0816 2272 amdsata - ok
19:45:19.0909 2272 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:45:19.0925 2272 amdsbs - ok
19:45:19.0972 2272 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
19:45:19.0972 2272 amdxata - ok
19:45:20.0081 2272 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:45:20.0128 2272 AppID - ok
19:45:20.0174 2272 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:45:20.0190 2272 arc - ok
19:45:20.0268 2272 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:45:20.0284 2272 arcsas - ok
19:45:20.0315 2272 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:45:20.0362 2272 AsyncMac - ok
19:45:20.0455 2272 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:45:20.0471 2272 atapi - ok
19:45:20.0533 2272 athr (2c0bb386e86670bb1b1a57caaef3e50d) C:\Windows\system32\DRIVERS\athrx.sys
19:45:20.0564 2272 athr - ok
19:45:20.0658 2272 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys
19:45:20.0674 2272 AtiHdmiService - ok
19:45:20.0783 2272 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:45:20.0814 2272 b06bdrv - ok
19:45:20.0908 2272 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:45:20.0939 2272 b57nd60a - ok
19:45:20.0970 2272 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:45:21.0001 2272 Beep - ok
19:45:21.0032 2272 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:45:21.0048 2272 blbdrive - ok
19:45:21.0142 2272 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:45:21.0157 2272 bowser - ok
19:45:21.0251 2272 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:45:21.0282 2272 BrFiltLo - ok
19:45:21.0282 2272 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:45:21.0298 2272 BrFiltUp - ok
19:45:21.0329 2272 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:45:21.0344 2272 Brserid - ok
19:45:21.0438 2272 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:45:21.0469 2272 BrSerWdm - ok
19:45:21.0485 2272 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:45:21.0500 2272 BrUsbMdm - ok
19:45:21.0516 2272 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:45:21.0532 2272 BrUsbSer - ok
19:45:21.0610 2272 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:45:21.0625 2272 BthEnum - ok
19:45:21.0656 2272 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:45:21.0672 2272 BTHMODEM - ok
19:45:21.0766 2272 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:45:21.0797 2272 BthPan - ok
19:45:21.0828 2272 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:45:21.0859 2272 BTHPORT - ok
19:45:21.0937 2272 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:45:21.0953 2272 BTHUSB - ok
19:45:21.0984 2272 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:45:22.0031 2272 cdfs - ok
19:45:22.0124 2272 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:45:22.0156 2272 cdrom - ok
19:45:22.0249 2272 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:45:22.0280 2272 circlass - ok
19:45:22.0296 2272 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:45:22.0312 2272 CLFS - ok
19:45:22.0405 2272 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:45:22.0436 2272 CmBatt - ok
19:45:22.0468 2272 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:45:22.0483 2272 cmdide - ok
19:45:22.0577 2272 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
19:45:22.0608 2272 CNG - ok
19:45:22.0702 2272 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:45:22.0717 2272 Compbatt - ok
19:45:22.0748 2272 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:45:22.0764 2272 CompositeBus - ok
19:45:22.0842 2272 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:45:22.0873 2272 crcdisk - ok
19:45:22.0904 2272 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
19:45:22.0904 2272 CVirtA - ok
19:45:23.0014 2272 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:45:23.0060 2272 DfsC - ok
19:45:23.0092 2272 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:45:23.0138 2272 discache - ok
19:45:23.0216 2272 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:45:23.0248 2272 Disk - ok
19:45:23.0279 2272 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
19:45:23.0294 2272 DNE - ok
19:45:23.0404 2272 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
19:45:23.0435 2272 Dot4 - ok
19:45:23.0544 2272 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
19:45:23.0575 2272 Dot4Print - ok
19:45:23.0669 2272 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
19:45:23.0700 2272 dot4usb - ok
19:45:23.0794 2272 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:45:23.0825 2272 drmkaud - ok
19:45:23.0887 2272 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:45:23.0918 2272 DXGKrnl - ok
19:45:24.0090 2272 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:45:24.0121 2272 ebdrv - ok
19:45:24.0230 2272 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
19:45:24.0246 2272 ElbyCDIO - ok
19:45:24.0277 2272 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:45:24.0308 2272 elxstor - ok
19:45:24.0402 2272 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:45:24.0418 2272 ErrDev - ok
19:45:24.0511 2272 ETD (438021c3f32f30e227d0f5dfd118b7b1) C:\Windows\system32\DRIVERS\ETD.sys
19:45:24.0527 2272 ETD - ok
19:45:24.0558 2272 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:45:24.0605 2272 exfat - ok
19:45:24.0683 2272 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:45:24.0745 2272 fastfat - ok
19:45:24.0761 2272 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:45:24.0776 2272 fdc - ok
19:45:24.0870 2272 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:45:24.0886 2272 FileInfo - ok
19:45:24.0901 2272 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:45:24.0948 2272 Filetrace - ok
19:45:25.0026 2272 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:45:25.0057 2272 flpydisk - ok
19:45:25.0088 2272 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:45:25.0104 2272 FltMgr - ok
19:45:25.0198 2272 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:45:25.0213 2272 FsDepends - ok
19:45:25.0244 2272 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:45:25.0244 2272 Fs_Rec - ok
19:45:25.0338 2272 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:45:25.0369 2272 fvevol - ok
19:45:25.0385 2272 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:45:25.0400 2272 gagp30kx - ok
19:45:25.0494 2272 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:45:25.0510 2272 hcw85cir - ok
19:45:25.0556 2272 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:45:25.0588 2272 HdAudAddService - ok
19:45:25.0697 2272 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:45:25.0728 2272 HDAudBus - ok
19:45:25.0806 2272 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:45:25.0837 2272 HidBatt - ok
19:45:25.0853 2272 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:45:25.0868 2272 HidBth - ok
19:45:25.0868 2272 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:45:25.0884 2272 HidIr - ok
19:45:25.0931 2272 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:45:25.0931 2272 HidUsb - ok
19:45:26.0040 2272 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:45:26.0056 2272 HpSAMD - ok
19:45:26.0165 2272 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:45:26.0227 2272 HTTP - ok
19:45:26.0321 2272 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:45:26.0336 2272 hwpolicy - ok
19:45:26.0368 2272 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:45:26.0383 2272 i8042prt - ok
19:45:26.0492 2272 iaStor (a5f72bb0d024e7e463344105be613ae4) C:\Windows\system32\DRIVERS\iaStor.sys
19:45:26.0524 2272 iaStor - ok
19:45:26.0633 2272 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
19:45:26.0664 2272 iaStorV - ok
19:45:26.0867 2272 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:45:26.0945 2272 igfx - ok
19:45:27.0116 2272 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:45:27.0132 2272 iirsp - ok
19:45:27.0179 2272 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
19:45:27.0194 2272 Impcd - ok
19:45:27.0350 2272 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
19:45:27.0397 2272 IntcAzAudAddService - ok
19:45:27.0506 2272 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:45:27.0522 2272 intelide - ok
19:45:27.0616 2272 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:45:27.0631 2272 intelppm - ok
19:45:27.0678 2272 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:45:27.0709 2272 IpFilterDriver - ok
19:45:27.0818 2272 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:45:27.0834 2272 IPMIDRV - ok
19:45:27.0928 2272 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:45:27.0990 2272 IPNAT - ok
19:45:27.0990 2272 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:45:28.0006 2272 IRENUM - ok
19:45:28.0037 2272 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:45:28.0052 2272 isapnp - ok
19:45:28.0162 2272 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:45:28.0193 2272 iScsiPrt - ok
19:45:28.0286 2272 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:45:28.0302 2272 kbdclass - ok
19:45:28.0411 2272 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:45:28.0427 2272 kbdhid - ok
19:45:28.0474 2272 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
19:45:28.0489 2272 KSecDD - ok
19:45:28.0583 2272 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
19:45:28.0598 2272 KSecPkg - ok
19:45:28.0630 2272 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:45:28.0661 2272 ksthunk - ok
19:45:28.0754 2272 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:45:28.0817 2272 lltdio - ok
19:45:28.0832 2272 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:45:28.0848 2272 LSI_FC - ok
19:45:28.0942 2272 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:45:28.0957 2272 LSI_SAS - ok
19:45:28.0988 2272 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:45:28.0988 2272 LSI_SAS2 - ok
19:45:29.0082 2272 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:45:29.0113 2272 LSI_SCSI - ok
19:45:29.0129 2272 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:45:29.0176 2272 luafv - ok
19:45:29.0269 2272 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:45:29.0285 2272 megasas - ok
19:45:29.0316 2272 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:45:29.0332 2272 MegaSR - ok
19:45:29.0425 2272 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:45:29.0488 2272 Modem - ok
19:45:29.0503 2272 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:45:29.0519 2272 monitor - ok
19:45:29.0628 2272 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:45:29.0644 2272 mouclass - ok
19:45:29.0737 2272 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:45:29.0753 2272 mouhid - ok
19:45:29.0800 2272 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:45:29.0815 2272 mountmgr - ok
19:45:29.0909 2272 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:45:29.0940 2272 mpio - ok
19:45:29.0956 2272 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:45:30.0002 2272 mpsdrv - ok
19:45:30.0096 2272 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:45:30.0127 2272 MRxDAV - ok
19:45:30.0158 2272 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:45:30.0174 2272 mrxsmb - ok
19:45:30.0268 2272 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:45:30.0299 2272 mrxsmb10 - ok
19:45:30.0330 2272 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:45:30.0330 2272 mrxsmb20 - ok
19:45:30.0439 2272 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:45:30.0455 2272 msahci - ok
19:45:30.0548 2272 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:45:30.0580 2272 msdsm - ok
19:45:30.0611 2272 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:45:30.0658 2272 Msfs - ok
19:45:30.0751 2272 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:45:30.0798 2272 mshidkmdf - ok
19:45:30.0814 2272 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:45:30.0829 2272 msisadrv - ok
19:45:30.0923 2272 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:45:30.0985 2272 MSKSSRV - ok
19:45:31.0001 2272 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:45:31.0032 2272 MSPCLOCK - ok
19:45:31.0126 2272 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:45:31.0172 2272 MSPQM - ok
19:45:31.0219 2272 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:45:31.0250 2272 MsRPC - ok
19:45:31.0344 2272 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:45:31.0375 2272 mssmbios - ok
19:45:31.0453 2272 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:45:31.0516 2272 MSTEE - ok
19:45:31.0531 2272 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:45:31.0531 2272 MTConfig - ok
19:45:31.0547 2272 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:45:31.0562 2272 Mup - ok
19:45:31.0672 2272 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:45:31.0703 2272 NativeWifiP - ok
19:45:31.0750 2272 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:45:31.0781 2272 NDIS - ok
19:45:31.0890 2272 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:45:31.0937 2272 NdisCap - ok
19:45:31.0952 2272 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:45:31.0999 2272 NdisTapi - ok
19:45:32.0077 2272 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:45:32.0140 2272 Ndisuio - ok
19:45:32.0218 2272 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:45:32.0280 2272 NdisWan - ok
19:45:32.0311 2272 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:45:32.0358 2272 NDProxy - ok
19:45:32.0452 2272 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:45:32.0514 2272 NetBIOS - ok
19:45:32.0545 2272 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:45:32.0576 2272 NetBT - ok
19:45:32.0686 2272 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:45:32.0701 2272 nfrd960 - ok
19:45:32.0732 2272 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:45:32.0764 2272 Npfs - ok
19:45:32.0857 2272 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:45:32.0920 2272 nsiproxy - ok
19:45:32.0982 2272 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
19:45:33.0029 2272 Ntfs - ok
19:45:33.0122 2272 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:45:33.0169 2272 Null - ok
19:45:33.0200 2272 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
19:45:33.0216 2272 nvraid - ok
19:45:33.0310 2272 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
19:45:33.0341 2272 nvstor - ok
19:45:33.0434 2272 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:45:33.0466 2272 nv_agp - ok
19:45:33.0575 2272 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:45:33.0590 2272 ohci1394 - ok
19:45:33.0700 2272 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:45:33.0715 2272 Parport - ok
19:45:33.0746 2272 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:45:33.0762 2272 partmgr - ok
19:45:33.0871 2272 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:45:33.0887 2272 pci - ok
19:45:33.0902 2272 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:45:33.0918 2272 pciide - ok
19:45:34.0012 2272 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:45:34.0027 2272 pcmcia - ok
19:45:34.0058 2272 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:45:34.0058 2272 pcw - ok
19:45:34.0168 2272 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:45:34.0214 2272 PEAUTH - ok
19:45:34.0355 2272 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:45:34.0402 2272 PptpMiniport - ok
19:45:34.0495 2272 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:45:34.0511 2272 Processor - ok
19:45:34.0558 2272 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:45:34.0604 2272 Psched - ok
19:45:34.0729 2272 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:45:34.0760 2272 ql2300 - ok
19:45:34.0870 2272 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:45:34.0885 2272 ql40xx - ok
19:45:34.0916 2272 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:45:34.0932 2272 QWAVEdrv - ok
19:45:35.0010 2272 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:45:35.0057 2272 RasAcd - ok
19:45:35.0088 2272 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:35.0119 2272 RasAgileVpn - ok
19:45:35.0213 2272 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:35.0260 2272 Rasl2tp - ok
19:45:35.0306 2272 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:35.0369 2272 RasPppoe - ok
19:45:35.0431 2272 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:45:35.0494 2272 RasSstp - ok
19:45:35.0540 2272 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:45:35.0603 2272 rdbss - ok
19:45:35.0665 2272 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:45:35.0696 2272 rdpbus - ok
19:45:35.0712 2272 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:35.0759 2272 RDPCDD - ok
19:45:35.0837 2272 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:45:35.0884 2272 RDPENCDD - ok
19:45:35.0915 2272 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:45:35.0962 2272 RDPREFMP - ok
19:45:36.0040 2272 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:45:36.0102 2272 RDPWD - ok
19:45:36.0196 2272 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:45:36.0227 2272 rdyboost - ok
19:45:36.0258 2272 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:45:36.0274 2272 RFCOMM - ok
19:45:36.0367 2272 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:45:36.0430 2272 rspndr - ok
19:45:36.0508 2272 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:45:36.0539 2272 RTL8167 - ok
19:45:36.0586 2272 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\Windows\SysWOW64\drivers\rtport.sys
19:45:36.0601 2272 rtport - ok
19:45:36.0695 2272 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
19:45:36.0710 2272 SABI - ok
19:45:36.0742 2272 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:45:36.0757 2272 sbp2port - ok
19:45:36.0866 2272 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:45:36.0929 2272 scfilter - ok
19:45:36.0976 2272 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:45:37.0007 2272 secdrv - ok
19:45:37.0085 2272 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:45:37.0116 2272 Serenum - ok
19:45:37.0147 2272 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:45:37.0163 2272 Serial - ok
19:45:37.0256 2272 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:45:37.0272 2272 sermouse - ok
19:45:37.0334 2272 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:45:37.0350 2272 sffdisk - ok
19:45:37.0428 2272 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:45:37.0459 2272 sffp_mmc - ok
19:45:37.0553 2272 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:45:37.0584 2272 sffp_sd - ok
19:45:37.0678 2272 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:45:37.0693 2272 sfloppy - ok
19:45:37.0724 2272 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:45:37.0724 2272 SiSRaid2 - ok
19:45:37.0818 2272 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:45:37.0834 2272 SiSRaid4 - ok
19:45:37.0943 2272 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:45:37.0990 2272 Smb - ok
19:45:38.0099 2272 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:45:38.0114 2272 spldr - ok
19:45:38.0224 2272 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:45:38.0255 2272 srv - ok
19:45:38.0364 2272 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:45:38.0395 2272 srv2 - ok
19:45:38.0489 2272 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:45:38.0520 2272 srvnet - ok
19:45:38.0551 2272 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:45:38.0567 2272 stexstor - ok
19:45:38.0660 2272 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:45:38.0676 2272 swenum - ok
19:45:38.0816 2272 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:45:38.0863 2272 Tcpip - ok
19:45:39.0004 2272 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:45:39.0050 2272 TCPIP6 - ok
19:45:39.0144 2272 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:45:39.0191 2272 tcpipreg - ok
19:45:39.0206 2272 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:45:39.0253 2272 TDPIPE - ok
19:45:39.0331 2272 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:45:39.0378 2272 TDTCP - ok
19:45:39.0409 2272 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:45:39.0456 2272 tdx - ok
19:45:39.0550 2272 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:45:39.0565 2272 TermDD - ok
19:45:39.0612 2272 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:45:39.0674 2272 tssecsrv - ok
19:45:39.0768 2272 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:45:39.0784 2272 TsUsbFlt - ok
19:45:39.0830 2272 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:45:39.0862 2272 tunnel - ok
19:45:39.0971 2272 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:45:39.0986 2272 uagp35 - ok
19:45:40.0080 2272 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:45:40.0142 2272 udfs - ok
19:45:40.0174 2272 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:45:40.0189 2272 uliagpkx - ok
19:45:40.0283 2272 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:45:40.0314 2272 umbus - ok
19:45:40.0345 2272 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:45:40.0361 2272 UmPass - ok
19:45:40.0454 2272 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
19:45:40.0470 2272 usbccgp - ok
19:45:40.0501 2272 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:45:40.0517 2272 usbcir - ok
19:45:40.0626 2272 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
19:45:40.0642 2272 usbehci - ok
19:45:40.0751 2272 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
19:45:40.0782 2272 usbhub - ok
19:45:40.0876 2272 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
19:45:40.0891 2272 usbohci - ok
19:45:40.0985 2272 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:45:41.0016 2272 usbprint - ok
19:45:41.0047 2272 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:45:41.0063 2272 usbscan - ok
19:45:41.0172 2272 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:45:41.0203 2272 USBSTOR - ok
19:45:41.0297 2272 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
19:45:41.0328 2272 usbuhci - ok
19:45:41.0422 2272 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:45:41.0453 2272 usbvideo - ok
19:45:41.0562 2272 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
19:45:41.0578 2272 VClone - ok
19:45:41.0609 2272 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:45:41.0624 2272 vdrvroot - ok
19:45:41.0702 2272 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:45:41.0734 2272 vga - ok
19:45:41.0827 2272 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:45:41.0890 2272 VgaSave - ok
19:45:41.0983 2272 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:45:41.0999 2272 vhdmp - ok
19:45:42.0108 2272 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:45:42.0124 2272 viaide - ok
19:45:42.0233 2272 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:45:42.0264 2272 volmgr - ok
19:45:42.0358 2272 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:45:42.0389 2272 volmgrx - ok
19:45:42.0436 2272 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:45:42.0451 2272 volsnap - ok
19:45:42.0545 2272 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:45:42.0560 2272 vsmraid - ok
19:45:42.0576 2272 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:45:42.0592 2272 vwifibus - ok
19:45:42.0701 2272 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:45:42.0732 2272 vwififlt - ok
19:45:42.0826 2272 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:45:42.0857 2272 WacomPen - ok
19:45:42.0950 2272 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:45:43.0013 2272 WANARP - ok
19:45:43.0013 2272 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:45:43.0044 2272 Wanarpv6 - ok
19:45:43.0091 2272 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:45:43.0091 2272 Wd - ok
19:45:43.0200 2272 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:45:43.0231 2272 Wdf01000 - ok
19:45:43.0340 2272 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:45:43.0403 2272 WfpLwf - ok
19:45:43.0418 2272 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:45:43.0434 2272 WIMMount - ok
19:45:43.0528 2272 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:45:43.0559 2272 WinUsb - ok
19:45:43.0606 2272 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:45:43.0606 2272 WmiAcpi - ok
19:45:43.0699 2272 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:45:43.0746 2272 ws2ifsl - ok
19:45:43.0809 2272 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:45:43.0840 2272 WudfPf - ok
19:45:43.0933 2272 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:45:43.0980 2272 WUDFRd - ok
19:45:44.0089 2272 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
19:45:44.0121 2272 yukonw7 - ok
19:45:44.0152 2272 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
19:45:44.0448 2272 \Device\Harddisk0\DR0 - ok
19:45:44.0464 2272 Boot (0x1200) (98fa392a7f5f4a5eae8d5aa6861452c8) \Device\Harddisk0\DR0\Partition0
19:45:44.0464 2272 \Device\Harddisk0\DR0\Partition0 - ok
19:45:44.0495 2272 Boot (0x1200) (cc75d30f2f0698386f4ed95d4252d4b1) \Device\Harddisk0\DR0\Partition1
19:45:44.0495 2272 \Device\Harddisk0\DR0\Partition1 - ok
19:45:44.0511 2272 Boot (0x1200) (605c74d0e2f457ca77f95b0a7a191e53) \Device\Harddisk0\DR0\Partition2
19:45:44.0511 2272 \Device\Harddisk0\DR0\Partition2 - ok
19:45:44.0511 2272 ============================================================
19:45:44.0511 2272 Scan finished
19:45:44.0511 2272 ============================================================
19:45:44.0526 2076 Detected object count: 0
19:45:44.0526 2076 Actual detected object count: 0
19:45:55.0290 3176 Deinitialize success

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Hier ist die Combfix-log:
Combofix Logfile:

Code:

ComboFix 11-11-18.02 - Anne-Sophie 18.11.2011  22:46:42.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3946.2819 [GMT 1:00]

ausgeführt von:: c:\users\Anne-Sophie\Desktop\ComboFix.exe

AV: McAfee  Anti-Virus und Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee  Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee  Anti-Virus und Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\FullRemove.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-10-18 bis 2011-11-18  ))))))))))))))))))))))))))))))

.

.

2011-11-18 21:49 . 2011-11-18 21:49        --------        d-----w-        c:\users\Default\AppData\Local\temp

2011-11-18 18:04 . 2011-11-18 18:04        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E45DDA36-A328-4172-89A4-93F888AEEF98}\offreg.dll

2011-11-18 18:00 . 2011-11-18 18:00        --------        d-----w-        C:\_OTL

2011-11-18 07:28 . 2011-10-18 00:27        8570192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E45DDA36-A328-4172-89A4-93F888AEEF98}\mpengine.dll

2011-11-17 12:18 . 2011-11-17 12:18        --------        d-----w-        c:\program files (x86)\ESET

2011-11-17 11:07 . 2011-05-24 17:14        270720        ------w-        c:\windows\system32\MpSigStub.exe

2011-11-17 10:39 . 2011-11-17 10:39        --------        d-----w-        c:\users\Anne-Sophie\AppData\Roaming\Malwarebytes

2011-11-17 10:38 . 2011-11-17 10:38        --------        d-----w-        c:\programdata\Malwarebytes

2011-11-17 10:38 . 2011-08-31 16:00        25416        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-11-17 10:38 . 2011-11-17 17:48        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2011-11-10 17:10 . 2011-11-10 17:10        --------        d-----w-        c:\users\Anne-Sophie\AppData\Local\Apple Computer

2011-11-10 17:10 . 2011-11-14 21:17        --------        dc----w-        c:\windows\system32\DRVSTORE

2011-11-10 17:09 . 2011-11-14 21:19        --------        d-----w-        c:\programdata\Apple Computer

2011-11-10 17:09 . 2011-11-10 17:10        --------        d-----w-        c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2011-11-10 17:07 . 2011-11-10 17:07        --------        d-----w-        c:\users\Anne-Sophie\AppData\Local\Apple

2011-11-10 17:06 . 2011-11-14 21:19        --------        d-----w-        c:\program files (x86)\Common Files\Apple

2011-11-10 17:06 . 2011-11-10 17:07        --------        d-----w-        c:\programdata\Apple

2011-11-10 13:53 . 2011-11-10 18:13        --------        d-----w-        c:\users\Anne-Sophie\AppData\Local\Audible

2011-11-10 13:51 . 2003-03-18 20:20        1060864        ------w-        c:\windows\SysWow64\mfc71.dll

2011-11-10 13:51 . 2003-03-18 19:14        499712        ------w-        c:\windows\SysWow64\msvcp71.dll

2011-11-10 13:51 . 2003-02-21 03:42        348160        ------w-        c:\windows\SysWow64\msvcr71.dll

2011-11-10 13:51 . 2001-08-17 21:43        24576        ------w-        c:\windows\SysWow64\msxml3a.dll

2011-11-09 14:12 . 2011-10-01 05:45        886784        ----a-w-        c:\program files\Common Files\System\wab32.dll

2011-11-09 14:12 . 2011-10-01 04:37        708608        ----a-w-        c:\program files (x86)\Common Files\System\wab32.dll

2011-11-09 14:12 . 2011-09-29 16:29        1923952        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2011-11-09 14:12 . 2011-09-29 04:03        3144704        ----a-w-        c:\windows\system32\win32k.sys

2011-11-09 09:07 . 2011-11-09 09:07        --------        d-----w-        c:\program files (x86)\Cisco Systems

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-18 05:15 . 2011-06-05 22:09        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-27 05:37 . 2011-10-12 13:29        861696        ----a-w-        c:\windows\system32\oleaut32.dll

2011-08-27 05:37 . 2011-10-12 13:29        331776        ----a-w-        c:\windows\system32\oleacc.dll

2011-08-27 04:26 . 2011-10-12 13:29        571904        ----a-w-        c:\windows\SysWow64\oleaut32.dll

2011-08-27 04:26 . 2011-10-12 13:29        233472        ----a-w-        c:\windows\SysWow64\oleacc.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-9-22 113664]

HP Digital Imaging Monitor.lnk - d:\programme\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HideSCAHealth"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages        REG_MULTI_SZ           kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

R4 Rezip;Rezip;c:\windows\SysWOW64\Rezip.exe [2009-03-05 311296]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - 03372228

*Deregistered* - 03372228

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt        REG_MULTI_SZ           hpqcxs08 hpqddsvc

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        97792        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        97792        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        97792        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        97792        ----a-w-        c:\users\Anne-Sophie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://samsung.msn.com

mStart Page = hxxp://samsung.msn.com

IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 83.169.184.33 192.168.0.1

FF - ProfilePath - c:\users\Anne-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\d51rcdsi.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/webhp?cplp=1308837846503

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2011-11-18  22:51:17

ComboFix-quarantined-files.txt  2011-11-18 21:51

.

Vor Suchlauf: 9 Verzeichnis(se), 144.762.597.376 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 144.269.283.328 Bytes frei

.

- - End Of File - - E8046B29DDF4BB48E52852AF97FC90DA

--- --- ---

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Hallo Arne,

entschuldige die späte Antwort. Das ist das log:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-20 18:07:11
-----------------------------
18:07:11.543 OS Version: Windows x64 6.1.7601 Service Pack 1
18:07:11.543 Number of processors: 4 586 0x2505
18:07:11.544 ComputerName: ACHIM UserName:
18:07:12.349 Initialize success
18:15:00.998 AVAST engine defs: 11112000
18:15:16.174 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:15:16.179 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
18:15:16.201 Disk 0 MBR read successfully
18:15:16.206 Disk 0 MBR scan
18:15:16.231 Disk 0 unknown MBR code
18:15:16.237 Service scanning
18:15:17.662 Modules scanning
18:15:17.668 Disk 0 trace - called modules:
18:15:17.701 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:15:17.707 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f1060]
18:15:17.715 3 CLASSPNP.SYS[fffff88001ba643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004317050]
18:15:18.392 AVAST engine scan C:\Windows
18:15:21.614 AVAST engine scan C:\Windows\system32
18:16:49.549 AVAST engine scan C:\Windows\system32\drivers
18:16:59.116 AVAST engine scan C:\Users\Anne-Sophie
18:21:14.096 AVAST engine scan C:\ProgramData
18:22:08.992 Scan finished successfully
18:45:45.334 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
18:45:45.334 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht.

Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar.

Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR.
Anschließend Windows neu starten und ein neues Log mit aswMBR machen.

Hallo Arne,

hat alles super geklappt, nix verloren gegangen!

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-20 18:07:11
-----------------------------
18:07:11.543 OS Version: Windows x64 6.1.7601 Service Pack 1
18:07:11.543 Number of processors: 4 586 0x2505
18:07:11.544 ComputerName: ACHIM UserName:
18:07:12.349 Initialize success
18:15:00.998 AVAST engine defs: 11112000
18:15:16.174 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:15:16.179 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
18:15:16.201 Disk 0 MBR read successfully
18:15:16.206 Disk 0 MBR scan
18:15:16.231 Disk 0 unknown MBR code
18:15:16.237 Service scanning
18:15:17.662 Modules scanning
18:15:17.668 Disk 0 trace - called modules:
18:15:17.701 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:15:17.707 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f1060]
18:15:17.715 3 CLASSPNP.SYS[fffff88001ba643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004317050]
18:15:18.392 AVAST engine scan C:\Windows
18:15:21.614 AVAST engine scan C:\Windows\system32
18:16:49.549 AVAST engine scan C:\Windows\system32\drivers
18:16:59.116 AVAST engine scan C:\Users\Anne-Sophie
18:21:14.096 AVAST engine scan C:\ProgramData
18:22:08.992 Scan finished successfully
18:45:45.334 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
18:45:45.334 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-21 11:35:05
-----------------------------
11:35:05.437 OS Version: Windows x64 6.1.7601 Service Pack 1
11:35:05.437 Number of processors: 4 586 0x2505
11:35:05.437 ComputerName: ACHIM UserName:
11:35:06.498 Initialize success
11:35:13.378 AVAST engine defs: 11112000
11:35:35.807 Verifying
11:35:45.822 Disk 0 Windows 601 MBR fixed successfully
11:43:42.637 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
11:43:42.668 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-21 11:35:05
-----------------------------
11:35:05.437 OS Version: Windows x64 6.1.7601 Service Pack 1
11:35:05.437 Number of processors: 4 586 0x2505
11:35:05.437 ComputerName: ACHIM UserName:
11:35:06.498 Initialize success
11:35:13.378 AVAST engine defs: 11112000
11:35:35.807 Verifying
11:35:45.822 Disk 0 Windows 601 MBR fixed successfully
11:43:42.637 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
11:43:42.668 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"
11:44:53.681 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
11:44:53.681 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

oh, ich hab wohl zwei mal gespeichert.
Hatte nicht gemerkt, dass alles in einer txt.datei gespeichert wird.

Und was genau solltest du nach dem Fix machen? Ich vermisse da noch was :pfeiff:

huch
wer lesen kann ist klar im Vorteil!

Update:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-20 18:07:11
-----------------------------
18:07:11.543 OS Version: Windows x64 6.1.7601 Service Pack 1
18:07:11.543 Number of processors: 4 586 0x2505
18:07:11.544 ComputerName: ACHIM UserName:
18:07:12.349 Initialize success
18:15:00.998 AVAST engine defs: 11112000
18:15:16.174 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:15:16.179 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
18:15:16.201 Disk 0 MBR read successfully
18:15:16.206 Disk 0 MBR scan
18:15:16.231 Disk 0 unknown MBR code
18:15:16.237 Service scanning
18:15:17.662 Modules scanning
18:15:17.668 Disk 0 trace - called modules:
18:15:17.701 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:15:17.707 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f1060]
18:15:17.715 3 CLASSPNP.SYS[fffff88001ba643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004317050]
18:15:18.392 AVAST engine scan C:\Windows
18:15:21.614 AVAST engine scan C:\Windows\system32
18:16:49.549 AVAST engine scan C:\Windows\system32\drivers
18:16:59.116 AVAST engine scan C:\Users\Anne-Sophie
18:21:14.096 AVAST engine scan C:\ProgramData
18:22:08.992 Scan finished successfully
18:45:45.334 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
18:45:45.334 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-21 11:35:05
-----------------------------
11:35:05.437 OS Version: Windows x64 6.1.7601 Service Pack 1
11:35:05.437 Number of processors: 4 586 0x2505
11:35:05.437 ComputerName: ACHIM UserName:
11:35:06.498 Initialize success
11:35:13.378 AVAST engine defs: 11112000
11:35:35.807 Verifying
11:35:45.822 Disk 0 Windows 601 MBR fixed successfully
11:43:42.637 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
11:43:42.668 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-21 11:35:05
-----------------------------
11:35:05.437 OS Version: Windows x64 6.1.7601 Service Pack 1
11:35:05.437 Number of processors: 4 586 0x2505
11:35:05.437 ComputerName: ACHIM UserName:
11:35:06.498 Initialize success
11:35:13.378 AVAST engine defs: 11112000
11:35:35.807 Verifying
11:35:45.822 Disk 0 Windows 601 MBR fixed successfully
11:43:42.637 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
11:43:42.668 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"
11:44:53.681 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
11:44:53.681 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-21 12:31:30
-----------------------------
12:31:30.428 OS Version: Windows x64 6.1.7601 Service Pack 1
12:31:30.428 Number of processors: 4 586 0x2505
12:31:30.428 ComputerName: ACHIM UserName:
12:31:31.271 Initialize success
12:31:35.436 AVAST engine defs: 11112000
12:31:55.560 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

Mach doch bitte einfach ein neues Logfile und poste nicht das was du zuvor schon gepostet hast :(

Er macht die logs immer in ein und die selbe textdatei.

der letzte Absatz im obigen log ist nach dem Neustart dazu gekommen.
Hab ich schon wieder was falsch gemacht?

Zitat:

Er macht die logs immer in ein und die selbe textdatei.

Und? Ob das in die bestehende angehangen oder in eine neue Datei geschrieben wird ist doch irrelevant!
Du hast aswMBR fasch ausgeführt halt dich doch einfach mal an die Anleitung!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-21 15:12:12
-----------------------------
15:12:12.554 OS Version: Windows x64 6.1.7601 Service Pack 1
15:12:12.554 Number of processors: 4 586 0x2505
15:12:12.554 ComputerName: ACHIM UserName:
15:12:13.022 Initialize success
15:12:15.923 AVAST engine defs: 11112000
15:12:30.322 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:12:30.322 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
15:12:30.338 Disk 0 MBR read successfully
15:12:30.338 Disk 0 MBR scan
15:12:30.338 Disk 0 Windows 7 default MBR code
15:12:30.353 Service scanning
15:12:31.461 Modules scanning
15:12:31.461 Disk 0 trace - called modules:
15:12:31.476 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:12:31.492 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f3060]
15:12:31.492 3 CLASSPNP.SYS[fffff88001b9643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004318050]
15:12:32.225 AVAST engine scan C:\Windows
15:12:35.423 AVAST engine scan C:\Windows\system32
15:14:02.581 AVAST engine scan C:\Windows\system32\drivers
15:14:12.143 AVAST engine scan C:\Users\Anne-Sophie
15:18:59.714 AVAST engine scan C:\ProgramData
15:19:53.644 Scan finished successfully
15:23:10.283 Disk 0 MBR has been saved successfully to "C:\Users\Anne-Sophie\Desktop\MBR.dat"
15:23:10.283 The log file has been saved successfully to "C:\Users\Anne-Sophie\Desktop\aswMBR.txt"

Zitat: "Anschließend Windows neu starten und ein neues Log mit aswMBR machen."

Meintest du damit, einen neuen Scan ausführen? Ich dachte ich soll einfach noch mal "save Log" anklicken.

Geht doch :pfeiff:

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Hier schon mal der Malwarebytes Log.
Der Rest folgt in Kürze:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8208

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

21.11.2011 16:18:17
mbam-log-2011-11-21 (16-18-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 303896
Laufzeit: 30 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

SuperantiSpyware hat lange gedauert: Soll ich die gefundenen Cookies entfernen?

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 11/21/2011 at 06:36 PM

Application Version : 5.0.1136

Core Rules Database Version : 7965
Trace Rules Database Version: 5777

Scan type : Complete Scan
Total Scan Time : 01:26:26

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 588
Memory threats detected : 0
Registry items scanned : 71344
Registry threats detected : 0
File items scanned : 149036
File threats detected : 424

Adware.Tracking Cookie
C:\Users\Anne-Sophie\AppData\Roaming\Microsoft\Windows\Cookies\anne-sophie@ad.yieldmanager[2].txt [ /ad.yieldmanager ]
C:\Users\Anne-Sophie\AppData\Roaming\Microsoft\Windows\Cookies\anne-sophie@content.yieldmanager[1].txt [ /content.yieldmanager ]
C:\Users\Anne-Sophie\AppData\Roaming\Microsoft\Windows\Cookies\anne-sophie@doubleclick[1].txt [ /doubleclick ]
C:\Users\Anne-Sophie\AppData\Roaming\Microsoft\Windows\Cookies\anne-sophie@invitemedia[1].txt [ /invitemedia ]
C:\Users\Anne-Sophie\AppData\Roaming\Microsoft\Windows\Cookies\anne-sophie@vlc-media-player.softonic[2].txt [ /vlc-media-player.softonic ]
C:\USERS\ANNE-SOPHIE\Cookies\anne-sophie@doubleclick[1].txt [ Cookie:anne-sophie@doubleclick.net/ ]
C:\USERS\ANNE-SOPHIE\Cookies\anne-sophie@content.yieldmanager[1].txt [ Cookie:anne-sophie@content.yieldmanager.com/ ]
.mediaplex.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.sussex.ac.uk [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.sussex.ac.uk [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.easybitsmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.easybitsmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.vodafonegroup.122.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.zieltrack.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.anrtx.tacoda.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
vlc-media-player.softonic.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
vlc-media-player.softonic.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
vlc-media-player.softonic.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
vlc-media-player.softonic.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
vlc-media-player.softonic.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.gostats.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.playporn.to [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.playporn.to [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
toplist.sbsb.cc [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
adserver2.clipkit.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.sexkino.to [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.sexkino.to [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.advert-layer.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.advert-layer.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.track.webgains.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.euros4click.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.gsimedia.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
adsrv1.admediate.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads2.makemereach.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
track.vipgamesnetwork.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
tracking.mtspace.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.thinkgeek.112.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.banners.victor.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
www9.addfreestats.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bubblestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.leylines.solution.weborama.fr [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.stat.4u.pl [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
s06.flagcounter.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
tracking.gameforge.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.sevenoneintermedia.112.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.microsoftwindows.112.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.usgs.122.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.germanwings.112.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
sales.liveperson.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
adserver.mitfahrzentrale.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
UseNeXT | In vollem DSL-Speed aus dem Usenet downloaden! [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
moviepilot - Filme nach deinem Geschmack [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\ANNE-SOPHIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D51RCDSI.DEFAULT\COOKIES.SQLITE ]

Die Cookies können weg

Last but not least: ESET

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 01:23:31
# local_time=2011-11-17 02:23:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 11739 73166047 0 0
# compatibility_mode=8192 67108863 100 0 7508 7508 0 0
# scanned=24
# found=0
# cleaned=0
# scan_time=15
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 02:13:44
# local_time=2011-11-17 03:13:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 11865 73166173 0 0
# compatibility_mode=8192 67108863 100 0 7634 7634 0 0
# scanned=122278
# found=0
# cleaned=0
# scan_time=2901
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 03:06:35
# local_time=2011-11-17 04:06:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 14868 73169176 0 0
# compatibility_mode=8192 67108863 100 0 10637 10637 0 0
# scanned=137151
# found=1
# cleaned=0
# scan_time=3069
D:\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-17 06:54:46
# local_time=2011-11-17 07:54:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 6741 73182140 0 0
# compatibility_mode=8192 67108863 100 0 23601 23601 0 0
# scanned=144968
# found=1
# cleaned=0
# scan_time=3796
D:\Downloads\SoftonicDownloader_fuer_vlc-media-player.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3327a2e8b704614db4dc6ad376bf0150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-21 07:01:52
# local_time=2011-11-21 08:01:52 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=5893 16776573 100 94 10873 73528438 0 0
# compatibility_mode=8192 67108863 100 0 369899 369899 0 0
# scanned=150743
# found=0
# cleaned=0
# scan_time=3524

Ok, keine weiteren Funde.
Rechner wieder im Lot?

Das hoffe ich!

Ich habe gerade etwas probleme mit der Internetverbindung, das kann aber auch an meinem Router liegen.
Eine Frage hätt ich noch:
Der Trojaner hatte die Proxy-einstellungen konfiguriert. Um in's Internet zu kommen habe ich bei den Einstellungen für Firefox "Proxy-Einstellungen des Systems verwenden" ausgewählt. Sollte ich jetzt lieber wieder manuell einen Proxy eingeben, oder kann ich das so lassen?

Nein, "kein Proxy" ist richtig.

Dann wären wir durch! :abklatsch:

Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt.
Malwarebytes zu behalten ist kein Fehler. Kannst ja 1x im Monat damit scannen, aber immer vorher ans Update denken.

Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.

Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update

PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink:

Mozilla und andere Browser => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.

Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

Oha, das ist ja ne Liste,
Ich versuche alle Tipps zu beherzigen.
McAfee hat bei der erneuten Installation Malwarebytes runter geschmissen. :-(

Also vielen vielen Dank für deine Hilfe, und die Zeit, die du für mich opfern musstest.
Ich werd was auf's Spendenkonto überweisen :-)
Eine schöne Woche noch!

Zitat:

McAfee hat bei der erneuten Installation Malwarebytes runter geschmissen. :-(

Dann solltest du mal McAfee runterschmeißen und nach einem besseren Scanner als Ersatz suchen => Avast, MSE oder einfach nur Malwarebytes

Ja, aber erst wenn die Lizenz abgelaufen ist. Hab ja immerhin Geld dafür bezahlt.

Zitat:

Ja, aber erst wenn die Lizenz abgelaufen ist. Hab ja immerhin Geld dafür bezahlt.

Sehr löblich, dass du die Wirtschaft ankurbeln willst, aber Geld für einen Virenscanner ausgeben muss man wirklich nicht :D
Wenn du Malwarebytes nutzen willst, dann muss es auf der Ausnahmeliste von McAfee stehen. Wie genau das geht wird sicherlich in dem zum Lieferumfang gehörenden Handbuch der McAfee-Lizenz stehen.