| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
11.06.2012, 15:57
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Du hast die Anleitung nicht 1:1 umgesetzt! Das Fixscript muss in die Textbox Bitte sorgfältiger lesen und umsetzen!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.06.2012, 16:24
| #17 |
 | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Hmm, da muss wohl irgendwas falsch gelaufen sein ... Habs jetzt nochmal gemacht.
__________________Danke für deine Mühe !Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-3810083623-1191388484-3988811414-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3810083623-1191388484-3988811414-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-3810083623-1191388484-3988811414-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-3810083623-1191388484-3988811414-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-3810083623-1191388484-3988811414-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3810083623-1191388484-3988811414-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33103 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Karolin
->Temp folder emptied: 1519056058 bytes
->Temporary Internet Files folder emptied: 86362339 bytes
->Java cache emptied: 22395374 bytes
->FireFox cache emptied: 331405107 bytes
->Flash cache emptied: 98761 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 508951686 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2.354,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Karolin
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.47.0 log created on 06112012_171440
Files\Folders moved on Reboot...
C:\Users\Karolin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
|
11.06.2012, 20:17
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
11.06.2012, 22:34
| #19 |
| | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisenCode:
ATTFilter 23:29:41.0840 2604 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
23:29:42.0121 2604 ============================================================
23:29:42.0121 2604 Current date / time: 2012/06/11 23:29:42.0121
23:29:42.0121 2604 SystemInfo:
23:29:42.0121 2604
23:29:42.0121 2604 OS Version: 6.1.7600 ServicePack: 0.0
23:29:42.0121 2604 Product type: Workstation
23:29:42.0121 2604 ComputerName: KAROLIN-PC
23:29:42.0121 2604 UserName: Karolin
23:29:42.0121 2604 Windows directory: C:\Windows
23:29:42.0121 2604 System windows directory: C:\Windows
23:29:42.0121 2604 Running under WOW64
23:29:42.0121 2604 Processor architecture: Intel x64
23:29:42.0121 2604 Number of processors: 2
23:29:42.0121 2604 Page size: 0x1000
23:29:42.0136 2604 Boot type: Normal boot
23:29:42.0136 2604 ============================================================
23:29:43.0431 2604 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:29:43.0431 2604 ============================================================
23:29:43.0431 2604 \Device\Harddisk0\DR0:
23:29:43.0431 2604 MBR partitions:
23:29:43.0431 2604 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C01A24, BlocksNum 0x32FCD
23:29:43.0431 2604 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C349F1, BlocksNum 0x237F98BF
23:29:43.0431 2604 ============================================================
23:29:43.0462 2604 C: <-> \Device\Harddisk0\DR0\Partition1
23:29:43.0462 2604 ============================================================
23:29:43.0462 2604 Initialize success
23:29:43.0462 2604 ============================================================
23:30:07.0003 4376 ============================================================
23:30:07.0003 4376 Scan started
23:30:07.0003 4376 Mode: Manual; SigCheck; TDLFS;
23:30:07.0003 4376 ============================================================
23:30:07.0923 4376 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
23:30:08.0110 4376 1394ohci - ok
23:30:08.0157 4376 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
23:30:08.0173 4376 ACPI - ok
23:30:08.0204 4376 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
23:30:08.0297 4376 AcpiPmi - ok
23:30:08.0344 4376 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:30:08.0360 4376 adp94xx - ok
23:30:08.0422 4376 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:30:08.0438 4376 adpahci - ok
23:30:08.0453 4376 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:30:08.0485 4376 adpu320 - ok
23:30:08.0516 4376 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:30:08.0594 4376 AeLookupSvc - ok
23:30:08.0656 4376 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
23:30:08.0765 4376 AFD - ok
23:30:08.0797 4376 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
23:30:08.0828 4376 agp440 - ok
23:30:08.0875 4376 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:30:08.0953 4376 ALG - ok
23:30:08.0984 4376 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
23:30:09.0015 4376 aliide - ok
23:30:09.0062 4376 AMD External Events Utility (53e74b13eef0e3ed256f4b8028f91274) C:\Windows\system32\atiesrxx.exe
23:30:09.0124 4376 AMD External Events Utility - ok
23:30:09.0124 4376 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
23:30:09.0140 4376 amdide - ok
23:30:09.0187 4376 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:30:09.0233 4376 AmdK8 - ok
23:30:09.0577 4376 amdkmdag (09a3d41550116e898c4c6f2b941e6d07) C:\Windows\system32\DRIVERS\atipmdag.sys
23:30:09.0748 4376 amdkmdag - ok
23:30:09.0857 4376 amdkmdap (5e9d3213040458690ebb61c37ec685ba) C:\Windows\system32\DRIVERS\atikmpag.sys
23:30:09.0904 4376 amdkmdap - ok
23:30:09.0935 4376 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:30:09.0998 4376 AmdPPM - ok
23:30:10.0045 4376 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
23:30:10.0076 4376 amdsata - ok
23:30:10.0091 4376 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:30:10.0107 4376 amdsbs - ok
23:30:10.0138 4376 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
23:30:10.0154 4376 amdxata - ok
23:30:10.0247 4376 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:30:10.0279 4376 AntiVirSchedulerService - ok
23:30:10.0310 4376 AntiVirService (72d90e56563165984224493069c69ed4) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:30:10.0325 4376 AntiVirService - ok
23:30:10.0357 4376 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
23:30:10.0466 4376 AppID - ok
23:30:10.0497 4376 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:30:10.0544 4376 AppIDSvc - ok
23:30:10.0575 4376 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
23:30:10.0637 4376 Appinfo - ok
23:30:10.0700 4376 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:30:10.0731 4376 arc - ok
23:30:10.0731 4376 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:30:10.0747 4376 arcsas - ok
23:30:10.0778 4376 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:30:10.0825 4376 AsyncMac - ok
23:30:10.0840 4376 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
23:30:10.0856 4376 atapi - ok
23:30:10.0996 4376 athr (d53972336e7408330417de45619d75e7) C:\Windows\system32\DRIVERS\athrx.sys
23:30:11.0090 4376 athr - ok
23:30:11.0230 4376 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
23:30:11.0293 4376 AtiPcie - ok
23:30:11.0355 4376 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
23:30:11.0433 4376 AudioEndpointBuilder - ok
23:30:11.0449 4376 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
23:30:11.0496 4376 AudioSrv - ok
23:30:11.0558 4376 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
23:30:11.0589 4376 avgntflt - ok
23:30:11.0636 4376 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
23:30:11.0652 4376 avipbb - ok
23:30:11.0683 4376 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
23:30:11.0792 4376 AxInstSV - ok
23:30:11.0854 4376 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:30:11.0917 4376 b06bdrv - ok
23:30:11.0948 4376 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:30:12.0010 4376 b57nd60a - ok
23:30:12.0073 4376 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:30:12.0151 4376 BDESVC - ok
23:30:12.0182 4376 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:30:12.0276 4376 Beep - ok
23:30:12.0338 4376 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
23:30:12.0416 4376 BFE - ok
23:30:12.0478 4376 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
23:30:12.0541 4376 BITS - ok
23:30:12.0588 4376 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:30:12.0634 4376 blbdrive - ok
23:30:12.0697 4376 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
23:30:12.0759 4376 bowser - ok
23:30:12.0806 4376 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:30:12.0853 4376 BrFiltLo - ok
23:30:12.0853 4376 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:30:12.0868 4376 BrFiltUp - ok
23:30:12.0900 4376 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
23:30:12.0993 4376 Browser - ok
23:30:13.0024 4376 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:30:13.0071 4376 Brserid - ok
23:30:13.0087 4376 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:30:13.0118 4376 BrSerWdm - ok
23:30:13.0118 4376 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:30:13.0180 4376 BrUsbMdm - ok
23:30:13.0212 4376 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:30:13.0227 4376 BrUsbSer - ok
23:30:13.0243 4376 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:30:13.0258 4376 BTHMODEM - ok
23:30:13.0290 4376 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:30:13.0336 4376 bthserv - ok
23:30:13.0368 4376 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:30:13.0414 4376 cdfs - ok
23:30:13.0446 4376 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
23:30:13.0477 4376 cdrom - ok
23:30:13.0508 4376 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
23:30:13.0617 4376 CertPropSvc - ok
23:30:13.0648 4376 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:30:13.0680 4376 circlass - ok
23:30:13.0711 4376 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:30:13.0726 4376 CLFS - ok
23:30:13.0804 4376 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:30:13.0836 4376 clr_optimization_v2.0.50727_32 - ok
23:30:13.0851 4376 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:30:13.0867 4376 clr_optimization_v2.0.50727_64 - ok
23:30:13.0945 4376 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:30:13.0976 4376 clr_optimization_v4.0.30319_32 - ok
23:30:14.0007 4376 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:30:14.0007 4376 clr_optimization_v4.0.30319_64 - ok
23:30:14.0038 4376 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:30:14.0070 4376 CmBatt - ok
23:30:14.0085 4376 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
23:30:14.0101 4376 cmdide - ok
23:30:14.0179 4376 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
23:30:14.0226 4376 CNG - ok
23:30:14.0257 4376 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:30:14.0288 4376 Compbatt - ok
23:30:14.0304 4376 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:30:14.0350 4376 CompositeBus - ok
23:30:14.0366 4376 COMSysApp - ok
23:30:14.0382 4376 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:30:14.0397 4376 crcdisk - ok
23:30:14.0444 4376 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
23:30:14.0491 4376 CryptSvc - ok
23:30:14.0538 4376 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
23:30:14.0600 4376 DcomLaunch - ok
23:30:14.0647 4376 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:30:14.0694 4376 defragsvc - ok
23:30:14.0756 4376 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
23:30:14.0818 4376 DfsC - ok
23:30:14.0881 4376 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
23:30:15.0006 4376 Dhcp - ok
23:30:15.0037 4376 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:30:15.0130 4376 discache - ok
23:30:15.0177 4376 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:30:15.0193 4376 Disk - ok
23:30:15.0240 4376 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
23:30:15.0271 4376 Dnscache - ok
23:30:15.0318 4376 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
23:30:15.0364 4376 dot3svc - ok
23:30:15.0427 4376 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
23:30:15.0474 4376 Dot4 - ok
23:30:15.0505 4376 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:30:15.0536 4376 Dot4Print - ok
23:30:15.0567 4376 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
23:30:15.0598 4376 dot4usb - ok
23:30:15.0630 4376 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
23:30:15.0692 4376 DPS - ok
23:30:15.0723 4376 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:30:15.0786 4376 drmkaud - ok
23:30:15.0895 4376 DsiWMIService (61e894fe1e9cc720c909e6e343351794) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
23:30:15.0926 4376 DsiWMIService - ok
23:30:16.0004 4376 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
23:30:16.0051 4376 DXGKrnl - ok
23:30:16.0098 4376 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:30:16.0176 4376 EapHost - ok
23:30:16.0332 4376 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:30:16.0394 4376 ebdrv - ok
23:30:16.0503 4376 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
23:30:16.0566 4376 EFS - ok
23:30:16.0659 4376 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
23:30:16.0753 4376 ehRecvr - ok
23:30:16.0784 4376 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:30:16.0862 4376 ehSched - ok
23:30:16.0956 4376 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:30:16.0971 4376 elxstor - ok
23:30:17.0080 4376 ePowerSvc (49eef52bfb986a2b5d70f4ec12637d7b) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
23:30:17.0112 4376 ePowerSvc - ok
23:30:17.0221 4376 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
23:30:17.0268 4376 ErrDev - ok
23:30:17.0346 4376 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:30:17.0408 4376 EventSystem - ok
23:30:17.0455 4376 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:30:17.0517 4376 exfat - ok
23:30:17.0548 4376 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:30:17.0595 4376 fastfat - ok
23:30:17.0673 4376 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
23:30:17.0736 4376 Fax - ok
23:30:17.0751 4376 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:30:17.0798 4376 fdc - ok
23:30:17.0829 4376 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:30:17.0907 4376 fdPHost - ok
23:30:17.0938 4376 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:30:17.0985 4376 FDResPub - ok
23:30:18.0016 4376 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:30:18.0032 4376 FileInfo - ok
23:30:18.0048 4376 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:30:18.0094 4376 Filetrace - ok
23:30:18.0110 4376 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:30:18.0141 4376 flpydisk - ok
23:30:18.0172 4376 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
23:30:18.0188 4376 FltMgr - ok
23:30:18.0266 4376 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
23:30:18.0313 4376 FontCache - ok
23:30:18.0375 4376 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:30:18.0406 4376 FontCache3.0.0.0 - ok
23:30:18.0438 4376 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:30:18.0469 4376 FsDepends - ok
23:30:18.0500 4376 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
23:30:18.0516 4376 Fs_Rec - ok
23:30:18.0562 4376 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:30:18.0578 4376 fvevol - ok
23:30:18.0609 4376 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:30:18.0625 4376 gagp30kx - ok
23:30:18.0734 4376 GameConsoleService (6858c318e8daa40e747e6fb9b214e104) C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe
23:30:18.0765 4376 GameConsoleService - ok
23:30:18.0812 4376 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
23:30:18.0859 4376 gpsvc - ok
23:30:18.0937 4376 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
23:30:18.0952 4376 GREGService - ok
23:30:18.0999 4376 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:30:18.0999 4376 gupdate - ok
23:30:19.0030 4376 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:30:19.0046 4376 gupdatem - ok
23:30:19.0093 4376 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:30:19.0124 4376 gusvc - ok
23:30:19.0171 4376 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:30:19.0218 4376 hcw85cir - ok
23:30:19.0264 4376 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
23:30:19.0311 4376 HdAudAddService - ok
23:30:19.0358 4376 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:30:19.0374 4376 HDAudBus - ok
23:30:19.0389 4376 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:30:19.0420 4376 HidBatt - ok
23:30:19.0436 4376 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:30:19.0467 4376 HidBth - ok
23:30:19.0498 4376 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:30:19.0530 4376 HidIr - ok
23:30:19.0561 4376 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:30:19.0623 4376 hidserv - ok
23:30:19.0670 4376 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
23:30:19.0701 4376 HidUsb - ok
23:30:19.0764 4376 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
23:30:19.0810 4376 hkmsvc - ok
23:30:19.0857 4376 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
23:30:19.0935 4376 HomeGroupListener - ok
23:30:19.0966 4376 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
23:30:20.0029 4376 HomeGroupProvider - ok
23:30:20.0154 4376 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:30:20.0185 4376 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:30:20.0185 4376 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
23:30:20.0232 4376 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
23:30:20.0263 4376 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:30:20.0263 4376 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
23:30:20.0294 4376 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
23:30:20.0325 4376 HpSAMD - ok
23:30:20.0372 4376 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
23:30:20.0466 4376 HTTP - ok
23:30:20.0481 4376 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
23:30:20.0512 4376 hwpolicy - ok
23:30:20.0559 4376 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:30:20.0590 4376 i8042prt - ok
23:30:20.0653 4376 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
23:30:20.0684 4376 iaStorV - ok
23:30:20.0778 4376 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:30:20.0824 4376 idsvc - ok
23:30:20.0856 4376 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:30:20.0871 4376 iirsp - ok
23:30:20.0918 4376 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
23:30:20.0980 4376 IKEEXT - ok
23:30:21.0136 4376 IntcAzAudAddService (feadc18677a85a123e95a9b976101120) C:\Windows\system32\drivers\RTKVHD64.sys
23:30:21.0199 4376 IntcAzAudAddService - ok
23:30:21.0308 4376 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
23:30:21.0339 4376 intelide - ok
23:30:21.0355 4376 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:30:21.0402 4376 intelppm - ok
23:30:21.0448 4376 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:30:21.0526 4376 IPBusEnum - ok
23:30:21.0542 4376 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:30:21.0589 4376 IpFilterDriver - ok
23:30:21.0636 4376 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
23:30:21.0729 4376 iphlpsvc - ok
23:30:21.0760 4376 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:30:21.0776 4376 IPMIDRV - ok
23:30:21.0792 4376 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:30:21.0838 4376 IPNAT - ok
23:30:21.0870 4376 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:30:21.0885 4376 IRENUM - ok
23:30:21.0901 4376 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
23:30:21.0916 4376 isapnp - ok
23:30:21.0932 4376 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
23:30:21.0948 4376 iScsiPrt - ok
23:30:21.0994 4376 k57nd60a (c9b4ecc187581e5bf3f76648884b7829) C:\Windows\system32\DRIVERS\k57nd60a.sys
23:30:22.0010 4376 k57nd60a - ok
23:30:22.0041 4376 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:30:22.0057 4376 kbdclass - ok
23:30:22.0072 4376 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
23:30:22.0104 4376 kbdhid - ok
23:30:22.0135 4376 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:30:22.0150 4376 KeyIso - ok
23:30:22.0150 4376 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
23:30:22.0182 4376 KSecDD - ok
23:30:22.0197 4376 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
23:30:22.0213 4376 KSecPkg - ok
23:30:22.0244 4376 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:30:22.0291 4376 ksthunk - ok
23:30:22.0338 4376 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:30:22.0416 4376 KtmRm - ok
23:30:22.0494 4376 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
23:30:22.0572 4376 LanmanServer - ok
23:30:22.0603 4376 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
23:30:22.0650 4376 LanmanWorkstation - ok
23:30:22.0696 4376 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:30:22.0774 4376 lltdio - ok
23:30:22.0806 4376 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:30:22.0852 4376 lltdsvc - ok
23:30:22.0884 4376 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:30:22.0930 4376 lmhosts - ok
23:30:22.0977 4376 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:30:23.0008 4376 LSI_FC - ok
23:30:23.0024 4376 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:30:23.0055 4376 LSI_SAS - ok
23:30:23.0055 4376 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:30:23.0086 4376 LSI_SAS2 - ok
23:30:23.0086 4376 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:30:23.0102 4376 LSI_SCSI - ok
23:30:23.0118 4376 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:30:23.0164 4376 luafv - ok
23:30:23.0227 4376 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
23:30:23.0258 4376 MBAMProtector - ok
23:30:23.0398 4376 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:30:23.0445 4376 MBAMService - ok
23:30:23.0508 4376 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
23:30:23.0539 4376 McComponentHostService - ok
23:30:23.0570 4376 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
23:30:23.0601 4376 Mcx2Svc - ok
23:30:23.0617 4376 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:30:23.0632 4376 megasas - ok
23:30:23.0679 4376 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:30:23.0726 4376 MegaSR - ok
23:30:23.0773 4376 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:30:23.0851 4376 MMCSS - ok
23:30:23.0866 4376 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:30:23.0913 4376 Modem - ok
23:30:23.0960 4376 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:30:24.0007 4376 monitor - ok
23:30:24.0038 4376 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:30:24.0069 4376 mouclass - ok
23:30:24.0100 4376 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:30:24.0132 4376 mouhid - ok
23:30:24.0163 4376 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
23:30:24.0194 4376 mountmgr - ok
23:30:24.0256 4376 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:30:24.0288 4376 MozillaMaintenance - ok
23:30:24.0319 4376 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
23:30:24.0334 4376 mpio - ok
23:30:24.0350 4376 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:30:24.0381 4376 mpsdrv - ok
23:30:24.0444 4376 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
23:30:24.0506 4376 MpsSvc - ok
23:30:24.0553 4376 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
23:30:24.0600 4376 MRxDAV - ok
23:30:24.0646 4376 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:30:24.0693 4376 mrxsmb - ok
23:30:24.0740 4376 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:30:24.0787 4376 mrxsmb10 - ok
23:30:24.0802 4376 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:30:24.0834 4376 mrxsmb20 - ok
23:30:24.0849 4376 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
23:30:24.0880 4376 msahci - ok
23:30:24.0912 4376 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
23:30:24.0943 4376 msdsm - ok
23:30:24.0990 4376 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:30:25.0052 4376 MSDTC - ok
23:30:25.0083 4376 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:30:25.0130 4376 Msfs - ok
23:30:25.0177 4376 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:30:25.0208 4376 mshidkmdf - ok
23:30:25.0224 4376 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
23:30:25.0239 4376 msisadrv - ok
23:30:25.0270 4376 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:30:25.0317 4376 MSiSCSI - ok
23:30:25.0333 4376 msiserver - ok
23:30:25.0364 4376 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:30:25.0411 4376 MSKSSRV - ok
23:30:25.0411 4376 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:30:25.0473 4376 MSPCLOCK - ok
23:30:25.0489 4376 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:30:25.0536 4376 MSPQM - ok
23:30:25.0582 4376 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
23:30:25.0598 4376 MsRPC - ok
23:30:25.0629 4376 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:30:25.0645 4376 mssmbios - ok
23:30:25.0692 4376 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:30:25.0754 4376 MSTEE - ok
23:30:25.0754 4376 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:30:25.0785 4376 MTConfig - ok
23:30:25.0801 4376 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:30:25.0816 4376 Mup - ok
23:30:25.0848 4376 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
23:30:25.0910 4376 napagent - ok
23:30:25.0957 4376 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:30:25.0988 4376 NativeWifiP - ok
23:30:26.0050 4376 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
23:30:26.0082 4376 NDIS - ok
23:30:26.0097 4376 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:30:26.0144 4376 NdisCap - ok
23:30:26.0175 4376 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:30:26.0222 4376 NdisTapi - ok
23:30:26.0253 4376 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
23:30:26.0331 4376 Ndisuio - ok
23:30:26.0347 4376 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
23:30:26.0394 4376 NdisWan - ok
23:30:26.0409 4376 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
23:30:26.0503 4376 NDProxy - ok
23:30:26.0565 4376 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
23:30:26.0581 4376 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:30:26.0581 4376 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:30:26.0628 4376 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:30:26.0690 4376 NetBIOS - ok
23:30:26.0721 4376 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
23:30:26.0784 4376 NetBT - ok
23:30:26.0830 4376 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:30:26.0846 4376 Netlogon - ok
23:30:26.0877 4376 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:30:26.0924 4376 Netman - ok
23:30:26.0971 4376 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:30:27.0033 4376 netprofm - ok
23:30:27.0158 4376 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:30:27.0189 4376 NetTcpPortSharing - ok
23:30:27.0220 4376 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:30:27.0252 4376 nfrd960 - ok
23:30:27.0314 4376 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
23:30:27.0376 4376 NlaSvc - ok
23:30:27.0423 4376 nmwcd (985a3f046dfcd58e26d3a95283bb8f1d) C:\Windows\system32\drivers\ccdcmbx64.sys
23:30:27.0501 4376 nmwcd - ok
23:30:27.0532 4376 nmwcdc (5eb41a9656388dc21119ccc33f0ee22a) C:\Windows\system32\drivers\ccdcmbox64.sys
23:30:27.0595 4376 nmwcdc - ok
23:30:27.0626 4376 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:30:27.0673 4376 Npfs - ok
23:30:27.0704 4376 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:30:27.0798 4376 nsi - ok
23:30:27.0813 4376 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:30:27.0860 4376 nsiproxy - ok
23:30:27.0969 4376 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
23:30:28.0016 4376 Ntfs - ok
23:30:28.0094 4376 NTIBackupSvc (15221dd637d9d0ffc60848ebbf1df538) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
23:30:28.0125 4376 NTIBackupSvc - ok
23:30:28.0234 4376 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
23:30:28.0250 4376 NTIDrvr - ok
23:30:28.0531 4376 NTISchedulerSvc (b5071e15d4c3f5ef5018aff7e85a85e5) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
23:30:28.0578 4376 NTISchedulerSvc - ok
23:30:28.0609 4376 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:30:28.0702 4376 Null - ok
23:30:28.0749 4376 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
23:30:28.0765 4376 nvraid - ok
23:30:28.0780 4376 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
23:30:28.0796 4376 nvstor - ok
23:30:28.0843 4376 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
23:30:28.0874 4376 nv_agp - ok
23:30:28.0968 4376 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:30:28.0999 4376 odserv - ok
23:30:29.0014 4376 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
23:30:29.0046 4376 ohci1394 - ok
23:30:29.0077 4376 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:30:29.0092 4376 ose - ok
23:30:29.0139 4376 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:30:29.0202 4376 p2pimsvc - ok
23:30:29.0248 4376 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:30:29.0280 4376 p2psvc - ok
23:30:29.0311 4376 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:30:29.0326 4376 Parport - ok
23:30:29.0358 4376 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
23:30:29.0373 4376 partmgr - ok
23:30:29.0404 4376 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:30:29.0436 4376 PcaSvc - ok
23:30:29.0482 4376 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
23:30:29.0529 4376 pccsmcfd - ok
23:30:29.0560 4376 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
23:30:29.0592 4376 pci - ok
23:30:29.0607 4376 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
23:30:29.0623 4376 pciide - ok
23:30:29.0638 4376 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:30:29.0654 4376 pcmcia - ok
23:30:29.0670 4376 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:30:29.0685 4376 pcw - ok
23:30:29.0716 4376 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:30:29.0779 4376 PEAUTH - ok
23:30:29.0857 4376 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:30:29.0872 4376 PerfHost - ok
23:30:29.0966 4376 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
23:30:30.0044 4376 pla - ok
23:30:30.0122 4376 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
23:30:30.0216 4376 PlugPlay - ok
23:30:30.0262 4376 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
23:30:30.0294 4376 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:30:30.0294 4376 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:30:30.0325 4376 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:30:30.0372 4376 PNRPAutoReg - ok
23:30:30.0465 4376 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:30:30.0496 4376 PNRPsvc - ok
23:30:30.0543 4376 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
23:30:30.0621 4376 PolicyAgent - ok
23:30:30.0668 4376 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:30:30.0746 4376 Power - ok
23:30:30.0824 4376 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
23:30:30.0902 4376 PptpMiniport - ok
23:30:30.0918 4376 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:30:30.0949 4376 Processor - ok
23:30:30.0980 4376 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
23:30:31.0042 4376 ProfSvc - ok
23:30:31.0074 4376 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:30:31.0105 4376 ProtectedStorage - ok
23:30:31.0136 4376 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
23:30:31.0198 4376 Psched - ok
23:30:31.0308 4376 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:30:31.0354 4376 ql2300 - ok
23:30:31.0479 4376 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:30:31.0510 4376 ql40xx - ok
23:30:31.0557 4376 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:30:31.0604 4376 QWAVE - ok
23:30:31.0604 4376 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:30:31.0635 4376 QWAVEdrv - ok
23:30:31.0635 4376 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:30:31.0682 4376 RasAcd - ok
23:30:31.0713 4376 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:30:31.0760 4376 RasAgileVpn - ok
23:30:31.0776 4376 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:30:31.0822 4376 RasAuto - ok
23:30:31.0838 4376 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:30:31.0900 4376 Rasl2tp - ok
23:30:31.0947 4376 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
23:30:31.0994 4376 RasMan - ok
23:30:32.0025 4376 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:30:32.0103 4376 RasPppoe - ok
23:30:32.0119 4376 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:30:32.0212 4376 RasSstp - ok
23:30:32.0244 4376 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
23:30:32.0306 4376 rdbss - ok
23:30:32.0337 4376 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:30:32.0353 4376 rdpbus - ok
23:30:32.0384 4376 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:30:32.0415 4376 RDPCDD - ok
23:30:32.0446 4376 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:30:32.0509 4376 RDPENCDD - ok
23:30:32.0524 4376 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:30:32.0571 4376 RDPREFMP - ok
23:30:32.0618 4376 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
23:30:32.0696 4376 RDPWD - ok
23:30:32.0727 4376 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
23:30:32.0743 4376 rdyboost - ok
23:30:32.0790 4376 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:30:32.0852 4376 RemoteAccess - ok
23:30:32.0899 4376 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:30:32.0961 4376 RemoteRegistry - ok
23:30:32.0992 4376 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:30:33.0086 4376 RpcEptMapper - ok
23:30:33.0117 4376 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:30:33.0148 4376 RpcLocator - ok
23:30:33.0211 4376 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
23:30:33.0273 4376 RpcSs - ok
23:30:33.0304 4376 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:30:33.0367 4376 rspndr - ok
23:30:33.0445 4376 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\Windows\System32\Drivers\RtsUStor.sys
23:30:33.0476 4376 RSUSBSTOR - ok
23:30:33.0507 4376 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
23:30:33.0523 4376 RTHDMIAzAudService - ok
23:30:33.0726 4376 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:30:33.0757 4376 SamSs - ok
23:30:33.0772 4376 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
23:30:33.0804 4376 sbp2port - ok
23:30:33.0835 4376 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:30:33.0882 4376 SCardSvr - ok
23:30:33.0897 4376 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
23:30:33.0944 4376 scfilter - ok
23:30:34.0006 4376 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
23:30:34.0053 4376 Schedule - ok
23:30:34.0084 4376 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
23:30:34.0131 4376 SCPolicySvc - ok
23:30:34.0162 4376 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
23:30:34.0240 4376 SDRSVC - ok
23:30:34.0303 4376 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:30:34.0396 4376 secdrv - ok
23:30:34.0428 4376 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
23:30:34.0490 4376 seclogon - ok
23:30:34.0506 4376 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:30:34.0568 4376 SENS - ok
23:30:34.0599 4376 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:30:34.0677 4376 SensrSvc - ok
23:30:34.0693 4376 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:30:34.0708 4376 Serenum - ok
23:30:34.0724 4376 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:30:34.0755 4376 Serial - ok
23:30:34.0771 4376 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:30:34.0802 4376 sermouse - ok
23:30:34.0927 4376 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
23:30:34.0958 4376 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
23:30:34.0958 4376 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
23:30:35.0020 4376 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
23:30:35.0067 4376 SessionEnv - ok
23:30:35.0098 4376 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
23:30:35.0130 4376 sffdisk - ok
23:30:35.0130 4376 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:30:35.0145 4376 sffp_mmc - ok
23:30:35.0161 4376 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:30:35.0192 4376 sffp_sd - ok
23:30:35.0208 4376 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:30:35.0239 4376 sfloppy - ok
23:30:35.0286 4376 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:30:35.0379 4376 SharedAccess - ok
23:30:35.0410 4376 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
23:30:35.0473 4376 ShellHWDetection - ok
23:30:35.0504 4376 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:30:35.0535 4376 SiSRaid2 - ok
23:30:35.0535 4376 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:30:35.0566 4376 SiSRaid4 - ok
23:30:35.0582 4376 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:30:35.0629 4376 Smb - ok
23:30:35.0676 4376 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:30:35.0707 4376 SNMPTRAP - ok
23:30:35.0722 4376 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:30:35.0738 4376 spldr - ok
23:30:35.0800 4376 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
23:30:35.0847 4376 Spooler - ok
23:30:36.0003 4376 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
23:30:36.0097 4376 sppsvc - ok
23:30:36.0190 4376 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:30:36.0284 4376 sppuinotify - ok
23:30:36.0346 4376 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
23:30:36.0393 4376 srv - ok
23:30:36.0440 4376 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
23:30:36.0456 4376 srv2 - ok
23:30:36.0502 4376 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
23:30:36.0549 4376 srvnet - ok
23:30:36.0580 4376 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:30:36.0674 4376 SSDPSRV - ok
23:30:36.0690 4376 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:30:36.0752 4376 SstpSvc - ok
23:30:36.0783 4376 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:30:36.0814 4376 stexstor - ok
23:30:36.0861 4376 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
23:30:36.0924 4376 stisvc - ok
23:30:36.0939 4376 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:30:36.0955 4376 swenum - ok
23:30:37.0002 4376 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:30:37.0064 4376 swprv - ok
23:30:37.0126 4376 SynTP (064a2530a4a7c7cec1be6a1945645be4) C:\Windows\system32\DRIVERS\SynTP.sys
23:30:37.0158 4376 SynTP - ok
23:30:37.0236 4376 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
23:30:37.0298 4376 SysMain - ok
23:30:37.0392 4376 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
23:30:37.0438 4376 TabletInputService - ok
23:30:37.0470 4376 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
23:30:37.0532 4376 TapiSrv - ok
23:30:37.0548 4376 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:30:37.0626 4376 TBS - ok
23:30:37.0782 4376 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
23:30:37.0828 4376 Tcpip - ok
23:30:38.0062 4376 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
23:30:38.0125 4376 TCPIP6 - ok
23:30:38.0234 4376 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
23:30:38.0312 4376 tcpipreg - ok
23:30:38.0328 4376 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:30:38.0359 4376 TDPIPE - ok
23:30:38.0406 4376 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
23:30:38.0421 4376 TDTCP - ok
23:30:38.0452 4376 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
23:30:38.0515 4376 tdx - ok
23:30:38.0530 4376 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
23:30:38.0546 4376 TermDD - ok
23:30:38.0593 4376 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
23:30:38.0702 4376 TermService - ok
23:30:38.0764 4376 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:30:38.0811 4376 Themes - ok
23:30:38.0842 4376 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:30:38.0889 4376 THREADORDER - ok
23:30:38.0920 4376 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:30:38.0998 4376 TrkWks - ok
23:30:39.0076 4376 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
23:30:39.0108 4376 TrustedInstaller - ok
23:30:39.0139 4376 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:30:39.0186 4376 tssecsrv - ok
23:30:39.0217 4376 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
23:30:39.0264 4376 tunnel - ok
23:30:39.0295 4376 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:30:39.0310 4376 uagp35 - ok
23:30:39.0342 4376 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
23:30:39.0373 4376 UBHelper - ok
23:30:39.0404 4376 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
23:30:39.0482 4376 udfs - ok
23:30:39.0529 4376 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:30:39.0544 4376 UI0Detect - ok
23:30:39.0576 4376 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
23:30:39.0591 4376 uliagpkx - ok
23:30:39.0607 4376 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
23:30:39.0638 4376 umbus - ok
23:30:39.0669 4376 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:30:39.0700 4376 UmPass - ok
23:30:39.0763 4376 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
23:30:39.0794 4376 Updater Service - ok
23:30:39.0841 4376 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:30:39.0919 4376 upnphost - ok
23:30:39.0966 4376 upperdev (afa3a0937b7044a8322d8bc91722c53b) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
23:30:40.0044 4376 upperdev - ok
23:30:40.0075 4376 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
23:30:40.0137 4376 usbccgp - ok
23:30:40.0168 4376 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
23:30:40.0215 4376 usbcir - ok
23:30:40.0246 4376 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
23:30:40.0262 4376 usbehci - ok
23:30:40.0309 4376 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
23:30:40.0324 4376 usbfilter - ok
23:30:40.0387 4376 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
23:30:40.0418 4376 usbhub - ok
23:30:40.0449 4376 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
23:30:40.0465 4376 usbohci - ok
23:30:40.0496 4376 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:30:40.0527 4376 usbprint - ok
23:30:40.0558 4376 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:30:40.0574 4376 usbscan - ok
23:30:40.0621 4376 usbser (0f0c72a657c622286013788b886968ad) C:\Windows\system32\drivers\usbser.sys
23:30:40.0652 4376 usbser - ok
23:30:40.0668 4376 UsbserFilt (b826f3ff5a1975cc9096b4caadde77b6) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
23:30:40.0699 4376 UsbserFilt - ok
23:30:40.0730 4376 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:30:40.0808 4376 USBSTOR - ok
23:30:40.0839 4376 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
23:30:40.0870 4376 usbuhci - ok
23:30:40.0902 4376 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
23:30:40.0948 4376 usbvideo - ok
23:30:40.0980 4376 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:30:41.0011 4376 UxSms - ok
23:30:41.0058 4376 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
23:30:41.0089 4376 VaultSvc - ok
23:30:41.0120 4376 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
23:30:41.0151 4376 vdrvroot - ok
23:30:41.0198 4376 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
23:30:41.0229 4376 vds - ok
23:30:41.0260 4376 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:30:41.0276 4376 vga - ok
23:30:41.0292 4376 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:30:41.0338 4376 VgaSave - ok
23:30:41.0354 4376 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
23:30:41.0370 4376 vhdmp - ok
23:30:41.0385 4376 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
23:30:41.0401 4376 viaide - ok
23:30:41.0432 4376 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
23:30:41.0448 4376 volmgr - ok
23:30:41.0479 4376 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
23:30:41.0494 4376 volmgrx - ok
23:30:41.0510 4376 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
23:30:41.0526 4376 volsnap - ok
23:30:41.0557 4376 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:30:41.0572 4376 vsmraid - ok
23:30:41.0666 4376 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
23:30:41.0728 4376 VSS - ok
23:30:41.0822 4376 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:30:41.0869 4376 vwifibus - ok
23:30:41.0884 4376 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:30:41.0931 4376 vwififlt - ok
23:30:41.0978 4376 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
23:30:41.0994 4376 vwifimp - ok
23:30:42.0056 4376 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:30:42.0103 4376 W32Time - ok
23:30:42.0134 4376 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:30:42.0165 4376 WacomPen - ok
23:30:42.0196 4376 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:30:42.0259 4376 WANARP - ok
23:30:42.0259 4376 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
23:30:42.0306 4376 Wanarpv6 - ok
23:30:42.0399 4376 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
23:30:42.0493 4376 wbengine - ok
23:30:42.0618 4376 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:30:42.0649 4376 WbioSrvc - ok
23:30:42.0696 4376 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
23:30:42.0742 4376 wcncsvc - ok
23:30:42.0758 4376 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:30:42.0836 4376 WcsPlugInService - ok
23:30:42.0883 4376 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:30:42.0914 4376 Wd - ok
23:30:42.0976 4376 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:30:43.0008 4376 Wdf01000 - ok
23:30:43.0039 4376 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:30:43.0070 4376 WdiServiceHost - ok
23:30:43.0070 4376 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:30:43.0101 4376 WdiSystemHost - ok
23:30:43.0132 4376 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
23:30:43.0179 4376 WebClient - ok
23:30:43.0195 4376 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:30:43.0320 4376 Wecsvc - ok
23:30:43.0351 4376 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:30:43.0398 4376 wercplsupport - ok
23:30:43.0444 4376 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:30:43.0491 4376 WerSvc - ok
23:30:43.0569 4376 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:30:43.0632 4376 WfpLwf - ok
23:30:43.0663 4376 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:30:43.0678 4376 WIMMount - ok
23:30:43.0725 4376 WinDefend - ok
23:30:43.0741 4376 WinHttpAutoProxySvc - ok
23:30:43.0803 4376 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:30:43.0866 4376 Winmgmt - ok
23:30:43.0959 4376 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
23:30:44.0037 4376 WinRM - ok
23:30:44.0193 4376 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
23:30:44.0240 4376 WinUsb - ok
23:30:44.0287 4376 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:30:44.0334 4376 Wlansvc - ok
23:30:44.0380 4376 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:30:44.0412 4376 WmiAcpi - ok
23:30:44.0474 4376 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:30:44.0521 4376 wmiApSrv - ok
23:30:44.0583 4376 WMPNetworkSvc - ok
23:30:44.0599 4376 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:30:44.0661 4376 WPCSvc - ok
23:30:44.0692 4376 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
23:30:44.0724 4376 WPDBusEnum - ok
23:30:44.0739 4376 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:30:44.0802 4376 ws2ifsl - ok
23:30:44.0848 4376 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
23:30:44.0911 4376 wscsvc - ok
23:30:44.0911 4376 WSearch - ok
23:30:45.0051 4376 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
23:30:45.0129 4376 wuauserv - ok
23:30:45.0238 4376 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
23:30:45.0285 4376 WudfPf - ok
23:30:45.0332 4376 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:30:45.0363 4376 WUDFRd - ok
23:30:45.0394 4376 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
23:30:45.0441 4376 wudfsvc - ok
23:30:45.0504 4376 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:30:45.0550 4376 WwanSvc - ok
23:30:45.0597 4376 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:30:46.0658 4376 \Device\Harddisk0\DR0 - ok
23:30:46.0689 4376 Boot (0x1200) (426c4b802374b9498af654bce2ab51fb) \Device\Harddisk0\DR0\Partition0
23:30:46.0689 4376 \Device\Harddisk0\DR0\Partition0 - ok
23:30:46.0705 4376 Boot (0x1200) (eb5c4824c9aefa017dd96aa4530e3813) \Device\Harddisk0\DR0\Partition1
23:30:46.0705 4376 \Device\Harddisk0\DR0\Partition1 - ok
23:30:46.0705 4376 ============================================================
23:30:46.0705 4376 Scan finished
23:30:46.0705 4376 ============================================================
23:30:46.0736 3832 Detected object count: 5
23:30:46.0736 3832 Actual detected object count: 5
23:31:22.0242 3832 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:22.0242 3832 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:22.0242 3832 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:22.0242 3832 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:22.0242 3832 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:22.0242 3832 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:22.0242 3832 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:22.0242 3832 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:22.0257 3832 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:22.0257 3832 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
12.06.2012, 10:52
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.06.2012, 13:16
| #21 |
| | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Combofix Logfile: Code:
ATTFilter ComboFix 12-06-12.01 - Karolin 12.06.2012 13:57:01.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.2811.1666 [GMT 2:00]
ausgeführt von:: c:\users\Karolin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Karolin\4.0
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-12 bis 2012-06-12 ))))))))))))))))))))))))))))))
.
.
2012-06-12 12:04 . 2012-06-12 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-12 11:48 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AF8A475D-50CD-417F-83ED-ACA1CD2DF992}\mpengine.dll
2012-06-11 15:04 . 2012-06-11 15:04 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2012-06-11 14:32 . 2012-06-11 14:32 -------- d-----w- C:\_OTL
2012-06-11 09:48 . 2012-06-11 09:48 -------- d-----w- c:\program files (x86)\ESET
2012-05-14 15:20 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-05-14 15:20 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-14 15:20 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-14 15:20 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-14 15:20 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-14 15:20 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-05-14 15:20 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-05-14 15:20 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-05-14 15:20 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-05-14 15:20 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-05-14 15:19 . 2012-04-02 05:34 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-14 15:19 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-14 15:19 . 2012-04-02 03:01 3143680 ----a-w- c:\windows\system32\win32k.sys
2012-05-14 15:19 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-14 15:19 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-14 15:19 . 2012-03-30 11:09 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-14 15:19 . 2012-04-02 05:26 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-14 15:19 . 2012-04-02 05:24 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-14 15:19 . 2012-04-02 05:24 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-14 15:19 . 2012-04-02 05:24 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-14 15:19 . 2012-04-02 04:40 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 13:56 . 2010-10-11 19:04 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-03 39408]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-12-21 1483264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-17 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-07-07 216064]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [1999-4-30 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-07 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-02-05 865824]
S2 GREGService;GREGService;c:\program files (x86)\eMachines\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-07 135664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-07 17:10]
.
2012-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-07 17:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-05-05 206208]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2010-02-05 860192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Karolin\AppData\Roaming\Mozilla\Firefox\Profiles\rn7u4nmy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Schroedel Arbeitsblätter - c:\windows\ISUN0407.EXE
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-12 14:13:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-12 12:13
.
Vor Suchlauf: 7 Verzeichnis(se), 210.054.549.504 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 209.443.856.384 Bytes frei
.
- - End Of File - - 47A8B68F7E92CFD52332BC0507A29388
|
|
12.06.2012, 13:55
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.06.2012, 16:24
| #23 |
| | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Ich habe jetzt alle 3 Scans durchgeführt. Mit GMER wurde nichts gefunden und auch keine Log-Datei erstellt. OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 16:44:39 on 12.06.2012 OS: Windows 7 Home Premium Edition (Build 7600), 64-bit Default Browser: Mozilla Corporation Firefox 12.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "NokiaConnectionManager" - "Nokia" - C:\PROGRA~2\Nokia\NOKIAP~1\CONNEC~1.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "NTIDrvr" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\system32\drivers\NTIDrvr.sys "UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} "Nokia Phone Browser" - "Nokia" - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office\OLKFSTUB.DLL [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {C345E174-3E87-4F41-A01C-B066A90A49B4} "WRC Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\wrc32.ocx / hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL {48E73304-E1D6-4330-914C-F5F514E3486C} "Send to OneNote" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll {0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (Shortcut exists | File exists) "Microsoft Office.lnk" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "PC Suite Tray" - "Nokia" - "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray "swg" - "Google Inc." - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe "hpqSRMon" - "Hewlett-Packard" - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe "LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "NortonOnlineBackupReminder" - "Symantec Corporation" - "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED "PDFPrint" - "Geek Software GmbH" - C:\Program Files (x86)\PDF24\pdf24.exe "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Dritek WMI Service" (DsiWMIService) - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\dsiwmis.exe "GameConsoleService" (GameConsoleService) - "WildTangent, Inc." - C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GREGService" (GREGService) - "Acer Incorporated" - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe "NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe "Updater Service" (Updater Service) - "Acer Group" - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - ? - C:\Windows\System32\eMachines.scr ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-12 16:48:18
-----------------------------
16:48:18.059 OS Version: Windows x64 6.1.7600
16:48:18.059 Number of processors: 2 586 0x603
16:48:18.060 ComputerName: KAROLIN-PC UserName: Karolin
16:48:19.290 Initialize success
16:51:26.785 AVAST engine defs: 12061200
16:52:10.738 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:52:10.742 Disk 0 Vendor: TOSHIBA_MK3265GSX GJ002J Size: 305245MB BusType: 11
16:52:10.761 Disk 0 MBR read successfully
16:52:10.767 Disk 0 MBR scan
16:52:10.778 Disk 0 Windows 7 default MBR code
16:52:10.782 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14339 MB offset 63
16:52:10.802 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 29366820
16:52:10.816 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290803 MB offset 29575665
16:52:10.870 Disk 0 scanning C:\Windows\system32\drivers
16:52:23.673 Service scanning
16:53:02.898 Modules scanning
16:53:02.917 Disk 0 trace - called modules:
16:53:02.963 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:53:02.977 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80030e8790]
16:53:02.989 3 CLASSPNP.SYS[fffff8800190143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003097680]
16:53:04.026 AVAST engine scan C:\Windows
16:53:11.304 AVAST engine scan C:\Windows\system32
16:58:41.544 AVAST engine scan C:\Windows\system32\drivers
16:58:57.445 AVAST engine scan C:\Users\Karolin
17:13:00.968 AVAST engine scan C:\ProgramData
17:16:02.711 Scan finished successfully
17:20:32.037 Disk 0 MBR has been saved successfully to "C:\Users\Karolin\Desktop\Trojaner\MBR.dat"
17:20:32.042 The log file has been saved successfully to "C:\Users\Karolin\Desktop\Trojaner\aswMBR.txt"
|
|
12.06.2012, 21:25
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.06.2012, 18:56
| #25 |
| | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Hallo, so hier jetzt die beiden Log-Dateien. Bei SUPERAntiSpyware habe ich noch keine Aktion bzgl. der Funde durchgeführt. Achso, mir ist aufgefallen, dass eure Seite mit den Hinweisen zu SUPERAntiSpyware nicht mehr ganz aktuell ist, da die Graphikoberfläche beim Programm geändert wurde. Ich hoffe, ich habe den Scan trotzdem richtig durchgeführt. Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 06/13/2012 at 07:48 PM
Application Version : 5.0.1150
Core Rules Database Version : 8726
Trace Rules Database Version: 6538
Scan type : Complete Scan
Total Scan Time : 01:43:39
Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Administrator
Memory items scanned : 755
Memory threats detected : 0
Registry items scanned : 65498
Registry threats detected : 0
File items scanned : 180276
File threats detected : 466
Adware.Tracking Cookie
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\karolin@doubleclick[2].txt [ /doubleclick ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\karolin@msadcenter.112.2o7[1].txt [ /msadcenter.112.2o7 ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\6UOP3IVL.txt [ /atdmt.com ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\ILUQQFJ7.txt [ /apmebf.com ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\DOPR7ZCB.txt [ /tracking.quisma.com ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\O1ZR1MVA.txt [ /msadcenter.112.2o7.net ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\2WK880JY.txt [ /mediaplex.com ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\15RRYJI3.txt [ /doubleclick.net ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\P4JOIB89.txt [ /fastclick.net ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\TFU7CFTM.txt [ /dyntracker.com ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\3C7N8XJP.txt [ /smartadserver.com ]
C:\Users\Karolin\AppData\Roaming\Microsoft\Windows\Cookies\LJ75LUMX.txt [ /ru4.com ]
C:\USERS\KAROLIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\karolin@msnportal.112.2o7[1].txt [ Cookie:karolin@msnportal.112.2o7.net/ ]
C:\USERS\KAROLIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\karolin@ads.quartermedia[2].txt [ Cookie:karolin@ads.quartermedia.de/ ]
C:\USERS\KAROLIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\karolin@traffictrack[2].txt [ Cookie:karolin@traffictrack.de/ ]
C:\USERS\KAROLIN\AppData\Roaming\Microsoft\Windows\Cookies\Low\karolin@bs.serving-sys[1].txt [ Cookie:karolin@bs.serving-sys.com/ ]
C:\USERS\KAROLIN\Cookies\ILUQQFJ7.txt [ Cookie:karolin@apmebf.com/ ]
C:\USERS\KAROLIN\Cookies\DOPR7ZCB.txt [ Cookie:karolin@tracking.quisma.com/ ]
C:\USERS\KAROLIN\Cookies\O1ZR1MVA.txt [ Cookie:karolin@msadcenter.112.2o7.net/ ]
C:\USERS\KAROLIN\Cookies\15RRYJI3.txt [ Cookie:karolin@doubleclick.net/ ]
C:\USERS\KAROLIN\Cookies\P4JOIB89.txt [ Cookie:karolin@fastclick.net/ ]
C:\USERS\KAROLIN\Cookies\TFU7CFTM.txt [ Cookie:karolin@dyntracker.com/ ]
C:\USERS\KAROLIN\Cookies\3C7N8XJP.txt [ Cookie:karolin@smartadserver.com/ ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@AD.ADC-SERV[1].TXT [ /AD.ADC-SERV ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@ATDMT[2].TXT [ /ATDMT ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@EAS.APM.EMEDIATE[1].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@HIMEDIA.INDIVIDUAD[2].TXT [ /HIMEDIA.INDIVIDUAD ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@WEBMASTERPLAN[2].TXT [ /WEBMASTERPLAN ]
C:\USERS\KAROLIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\KAROLIN@ZANOX[2].TXT [ /ZANOX ]
.eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
data.coremetrics.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.mediacenter.betzold.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.discounto.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adcentriconline.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver.edv-visions.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
media.stage-entertainment.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver.kino-zeit.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver.kauperts.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
software-download.mediamarkt.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver.wolterskluwer.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
emediate.apmmedia.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.blogads.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.farheap.122.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver1.mokono.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.hiddencounter.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.easymedia-gmbh.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
audit.median.hu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adverticum.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
kursnet-finden.arbeitsagentur.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver.mitfahrzentrale.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
media.neodau.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracker.pegsanalytics.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracker.pegsanalytics.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ads2.borkum.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.rewetouristik.112.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ads20.wwe-media.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver2.clipkit.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.samsung.solution.weborama.fr [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.edge.download.newmedia.nacamar.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.edge.download.newmedia.nacamar.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.hotlog.ru [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.snapfish.112.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmicidzgkq.stats.esomniture.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.discounto.arcor.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.discounto.arcor.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.secmedia.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.discounto.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.discounto.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjloelczidp.stats.esomniture.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporninhd.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporninhd.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
keyword-advertising.web.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
openx.mediatrust.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adserver.mvg-werbung.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
openx.mediatrust.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporn.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporn.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.porno.youporn.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.porno.youporn.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.you-porn-sex.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.you-porn-sex.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.heisse-teenies.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
nl.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ads.trafficjunky.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.sexad.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
nl.youporn.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.ads20.wwe-media.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
delivery.atkmedia.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmkycpd5mlp.stats.esomniture.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\KAROLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RN7U4NMY.DEFAULT\COOKIES.SQLITE ]
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.12.09 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 Karolin :: KAROLIN-PC [Administrator] Schutz: Aktiviert 12.06.2012 23:21:03 mbam-log-2012-06-12 (23-21-03).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 405642 Laufzeit: 1 Stunde(n), 17 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
13.06.2012, 21:12
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.06.2012, 17:56
| #27 |
| | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Hey, also ich habe jetzt nochmal McAfee und Malwarebytes durchlaufen lassen und nichts gefunden. Davor habe ich mir jeweils noch die aktuellsten Updates gezogen. Eine Frage habe ich jetzt aber noch. Ich habe jetzt bei Malwarebytes noch 2 Trojan.Agent Files in der Quarantäne. Die Log-Datei findest du hier auf Seite 1. Der Beitrag vom 10.06 um 22:08 und die Datei die unter 'Heute' deklariert ist. Was mache ich mit den Funden? Einfach lassen oder löschen? Vielen Dank nochmal für deine ausgezeichnete Hilfe  !!!!!! |
|
15.06.2012, 20:53
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Überleg doch mal was eine Quarantäne ist. Ob da die schädliche Datei drinbleibt oder nicht, das hat keine Auswirkungen. Schädlinge in der Quarantäne können nichts mehr anrichten, sie sind dort isoliert. Du solltest grundsätzlich mit der Quarantäne arbeiten, denn falls der Virenscanner durch einen Fehlalarm was wichtiges löscht, kannst Du notfalls noch über die Quarantäne an die Datei ran.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.06.2012, 23:20
| #29 |
| | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Klar, hast ja Recht. Aber ich war mir eben nicht ganz sicher. Was ist eigentlich mit den ganzen Programmen die ich runtergeladen habe. Kann ich die wieder deinstallieren oder sollte die eher behalten? |
|
15.06.2012, 23:33
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Adobe - Andere Version des Adobe Flash Player installieren Notfalls kann man auch von Chip.de runterladen => http://filepony.de/?q=Flash+Player Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Verschlüsselungs-Trojaner mit Aufforderung Geld zu überweisen |
| abgesicherten, amd, anschluss, aufforderung, bräuchte, einloggen, fenster, geld, geld bezahlen, gestartet, google earth, helft, infiziert, install.exe, interne, internetverbindung, klicke, klicken, langs, laptop, launch, malwarebytes, microsoft office word, modus, neustart., office 2007, plug-in, richtlinie, searchscopes, security scan, seite, trojaner, updates, usb 2.0, verbindung, version, version=1.0, windows, windows 7, windows-update |
Linear-Darstellung
