| |
| |||||||
Log-Analyse und Auswertung: GVU/ BKA TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
14.07.2012, 16:28
| #31 |
 |  GVU/ BKA Trojaner Hallo Arne, nichts gefunden sieht wohl gut aus Code:
ATTFilter 17:21:23.0767 1308 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
17:21:23.0861 1308 ============================================================
17:21:23.0861 1308 Current date / time: 2012/07/14 17:21:23.0861
17:21:23.0861 1308 SystemInfo:
17:21:23.0861 1308
17:21:23.0861 1308 OS Version: 6.0.6002 ServicePack: 2.0
17:21:23.0861 1308 Product type: Workstation
17:21:23.0861 1308 ComputerName: ***-PC
17:21:23.0861 1308 UserName: ***
17:21:23.0861 1308 Windows directory: C:\Windows
17:21:23.0861 1308 System windows directory: C:\Windows
17:21:23.0861 1308 Processor architecture: Intel x86
17:21:23.0861 1308 Number of processors: 2
17:21:23.0861 1308 Page size: 0x1000
17:21:23.0861 1308 Boot type: Normal boot
17:21:23.0861 1308 ============================================================
17:21:25.0093 1308 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:21:25.0202 1308 ============================================================
17:21:25.0202 1308 \Device\Harddisk0\DR0:
17:21:25.0202 1308 MBR partitions:
17:21:25.0202 1308 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x186A0000
17:21:25.0202 1308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x249F0000
17:21:25.0202 1308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3D090800, BlocksNum 0x37675800
17:21:25.0202 1308 ============================================================
17:21:25.0233 1308 C: <-> \Device\Harddisk0\DR0\Partition0
17:21:25.0265 1308 D: <-> \Device\Harddisk0\DR0\Partition1
17:21:25.0311 1308 E: <-> \Device\Harddisk0\DR0\Partition2
17:21:25.0311 1308 ============================================================
17:21:25.0311 1308 Initialize success
17:21:25.0311 1308 ============================================================
17:23:12.0044 0480 ============================================================
17:23:12.0044 0480 Scan started
17:23:12.0044 0480 Mode: Manual; SigCheck; TDLFS;
17:23:12.0044 0480 ============================================================
17:23:12.0949 0480 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:23:13.0027 0480 ACPI - ok
17:23:13.0105 0480 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:23:13.0121 0480 AdobeARMservice - ok
17:23:13.0183 0480 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:23:13.0199 0480 AdobeFlashPlayerUpdateSvc - ok
17:23:13.0261 0480 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
17:23:13.0277 0480 adp94xx - ok
17:23:13.0324 0480 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
17:23:13.0339 0480 adpahci - ok
17:23:13.0355 0480 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
17:23:13.0355 0480 adpu160m - ok
17:23:13.0370 0480 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
17:23:13.0386 0480 adpu320 - ok
17:23:13.0402 0480 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
17:23:13.0480 0480 AeLookupSvc - ok
17:23:13.0511 0480 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:23:13.0558 0480 AFD - ok
17:23:13.0589 0480 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
17:23:13.0589 0480 agp440 - ok
17:23:13.0620 0480 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:23:13.0620 0480 aic78xx - ok
17:23:13.0636 0480 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
17:23:13.0714 0480 ALG - ok
17:23:13.0729 0480 aliide (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
17:23:13.0745 0480 aliide - ok
17:23:13.0745 0480 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
17:23:13.0760 0480 amdagp - ok
17:23:13.0760 0480 amdide (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
17:23:13.0776 0480 amdide - ok
17:23:13.0792 0480 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
17:23:13.0885 0480 AmdK7 - ok
17:23:13.0916 0480 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
17:23:13.0948 0480 AmdK8 - ok
17:23:13.0979 0480 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
17:23:14.0010 0480 Appinfo - ok
17:23:14.0057 0480 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:23:14.0072 0480 Apple Mobile Device - ok
17:23:14.0088 0480 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
17:23:14.0104 0480 arc - ok
17:23:14.0104 0480 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
17:23:14.0119 0480 arcsas - ok
17:23:14.0135 0480 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:23:14.0182 0480 AsyncMac - ok
17:23:14.0197 0480 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
17:23:14.0197 0480 atapi - ok
17:23:14.0228 0480 AtiPcie (a356e45e8432432c06981ea63a1e0fe8) C:\Windows\system32\DRIVERS\AtiPcie.sys
17:23:14.0228 0480 AtiPcie - ok
17:23:14.0275 0480 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
17:23:14.0306 0480 AudioEndpointBuilder - ok
17:23:14.0322 0480 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
17:23:14.0338 0480 Audiosrv - ok
17:23:14.0353 0480 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:23:14.0384 0480 Beep - ok
17:23:14.0416 0480 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
17:23:14.0447 0480 BFE - ok
17:23:14.0509 0480 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
17:23:14.0587 0480 BITS - ok
17:23:14.0603 0480 blbdrive - ok
17:23:14.0650 0480 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
17:23:14.0681 0480 Bonjour Service - ok
17:23:14.0696 0480 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:23:14.0728 0480 bowser - ok
17:23:14.0743 0480 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:23:14.0774 0480 BrFiltLo - ok
17:23:14.0774 0480 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:23:14.0806 0480 BrFiltUp - ok
17:23:14.0837 0480 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
17:23:14.0884 0480 Browser - ok
17:23:14.0884 0480 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:23:14.0946 0480 Brserid - ok
17:23:14.0962 0480 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:23:15.0008 0480 BrSerWdm - ok
17:23:15.0024 0480 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:23:15.0086 0480 BrUsbMdm - ok
17:23:15.0118 0480 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:23:15.0164 0480 BrUsbSer - ok
17:23:15.0180 0480 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:23:15.0227 0480 BTHMODEM - ok
17:23:15.0258 0480 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:23:15.0274 0480 cdfs - ok
17:23:15.0289 0480 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:23:15.0336 0480 cdrom - ok
17:23:15.0352 0480 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
17:23:15.0383 0480 CertPropSvc - ok
17:23:15.0398 0480 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
17:23:15.0445 0480 circlass - ok
17:23:15.0461 0480 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:23:15.0476 0480 CLFS - ok
17:23:15.0523 0480 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:23:15.0539 0480 clr_optimization_v2.0.50727_32 - ok
17:23:15.0570 0480 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:23:15.0570 0480 clr_optimization_v4.0.30319_32 - ok
17:23:15.0586 0480 cmdide (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
17:23:15.0601 0480 cmdide - ok
17:23:15.0617 0480 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
17:23:15.0617 0480 Compbatt - ok
17:23:15.0617 0480 COMSysApp - ok
17:23:15.0632 0480 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
17:23:15.0632 0480 crcdisk - ok
17:23:15.0648 0480 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
17:23:15.0695 0480 Crusoe - ok
17:23:15.0742 0480 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
17:23:15.0757 0480 CryptSvc - ok
17:23:15.0804 0480 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
17:23:15.0851 0480 DcomLaunch - ok
17:23:15.0866 0480 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
17:23:15.0898 0480 DfsC - ok
17:23:15.0991 0480 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
17:23:16.0147 0480 DFSR - ok
17:23:16.0225 0480 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
17:23:16.0241 0480 Dhcp - ok
17:23:16.0272 0480 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:23:16.0288 0480 disk - ok
17:23:16.0319 0480 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
17:23:16.0350 0480 Dnscache - ok
17:23:16.0381 0480 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
17:23:16.0397 0480 dot3svc - ok
17:23:16.0412 0480 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
17:23:16.0444 0480 Dot4 - ok
17:23:16.0459 0480 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:23:16.0490 0480 Dot4Print - ok
17:23:16.0490 0480 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
17:23:16.0522 0480 dot4usb - ok
17:23:16.0553 0480 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
17:23:16.0568 0480 DPS - ok
17:23:16.0584 0480 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:23:16.0615 0480 drmkaud - ok
17:23:16.0662 0480 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:23:16.0693 0480 DXGKrnl - ok
17:23:16.0724 0480 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:23:16.0771 0480 E1G60 - ok
17:23:16.0802 0480 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
17:23:16.0818 0480 EapHost - ok
17:23:16.0849 0480 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:23:16.0865 0480 Ecache - ok
17:23:16.0896 0480 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
17:23:16.0943 0480 ehRecvr - ok
17:23:16.0958 0480 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
17:23:16.0990 0480 ehSched - ok
17:23:17.0005 0480 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
17:23:17.0021 0480 ehstart - ok
17:23:17.0036 0480 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
17:23:17.0052 0480 elxstor - ok
17:23:17.0099 0480 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
17:23:17.0161 0480 EMDMgmt - ok
17:23:17.0177 0480 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
17:23:17.0208 0480 EventSystem - ok
17:23:17.0224 0480 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:23:17.0270 0480 exfat - ok
17:23:17.0286 0480 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:23:17.0317 0480 fastfat - ok
17:23:17.0333 0480 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
17:23:17.0380 0480 fdc - ok
17:23:17.0380 0480 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
17:23:17.0395 0480 fdPHost - ok
17:23:17.0411 0480 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
17:23:17.0458 0480 FDResPub - ok
17:23:17.0473 0480 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:23:17.0489 0480 FileInfo - ok
17:23:17.0489 0480 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:23:17.0520 0480 Filetrace - ok
17:23:17.0536 0480 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
17:23:17.0582 0480 flpydisk - ok
17:23:17.0598 0480 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:23:17.0614 0480 FltMgr - ok
17:23:17.0692 0480 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
17:23:17.0754 0480 FontCache - ok
17:23:17.0816 0480 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:23:17.0816 0480 FontCache3.0.0.0 - ok
17:23:17.0832 0480 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
17:23:17.0863 0480 Fs_Rec - ok
17:23:17.0879 0480 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
17:23:17.0894 0480 gagp30kx - ok
17:23:17.0910 0480 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:23:17.0910 0480 GEARAspiWDM - ok
17:23:17.0957 0480 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
17:23:18.0035 0480 gpsvc - ok
17:23:18.0066 0480 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
17:23:18.0113 0480 HdAudAddService - ok
17:23:18.0160 0480 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:23:18.0238 0480 HDAudBus - ok
17:23:18.0269 0480 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:23:18.0300 0480 HidBth - ok
17:23:18.0316 0480 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:23:18.0362 0480 HidIr - ok
17:23:18.0378 0480 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
17:23:18.0409 0480 hidserv - ok
17:23:18.0425 0480 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:23:18.0456 0480 HidUsb - ok
17:23:18.0472 0480 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
17:23:18.0503 0480 hkmsvc - ok
17:23:18.0503 0480 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
17:23:18.0518 0480 HpCISSs - ok
17:23:18.0550 0480 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:23:18.0628 0480 HTTP - ok
17:23:18.0643 0480 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
17:23:18.0643 0480 i2omp - ok
17:23:18.0690 0480 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:23:18.0706 0480 i8042prt - ok
17:23:18.0721 0480 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
17:23:18.0737 0480 iaStorV - ok
17:23:18.0846 0480 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:23:18.0908 0480 idsvc - ok
17:23:18.0955 0480 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:23:18.0971 0480 iirsp - ok
17:23:19.0002 0480 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
17:23:19.0033 0480 IKEEXT - ok
17:23:19.0142 0480 IntcAzAudAddService (0f16d98c3af2138fabfa20adde4e01fe) C:\Windows\system32\drivers\RTKVHDA.sys
17:23:19.0205 0480 IntcAzAudAddService - ok
17:23:19.0298 0480 intelide (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys
17:23:19.0298 0480 intelide - ok
17:23:19.0330 0480 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
17:23:19.0361 0480 intelppm - ok
17:23:19.0392 0480 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
17:23:19.0408 0480 IPBusEnum - ok
17:23:19.0439 0480 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:23:19.0454 0480 IpFilterDriver - ok
17:23:19.0486 0480 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
17:23:19.0501 0480 iphlpsvc - ok
17:23:19.0501 0480 IpInIp - ok
17:23:19.0517 0480 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
17:23:19.0579 0480 IPMIDRV - ok
17:23:19.0595 0480 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:23:19.0626 0480 IPNAT - ok
17:23:19.0688 0480 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
17:23:19.0751 0480 iPod Service - ok
17:23:19.0798 0480 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:23:19.0829 0480 IRENUM - ok
17:23:19.0844 0480 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
17:23:19.0860 0480 isapnp - ok
17:23:19.0891 0480 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:23:19.0891 0480 iScsiPrt - ok
17:23:19.0907 0480 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:23:19.0907 0480 iteatapi - ok
17:23:19.0922 0480 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:23:19.0938 0480 iteraid - ok
17:23:19.0954 0480 JRAID (222e263cc06e47bda386fe19b88e8583) C:\Windows\system32\drivers\jraid.sys
17:23:19.0985 0480 JRAID - ok
17:23:20.0016 0480 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:23:20.0016 0480 kbdclass - ok
17:23:20.0047 0480 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
17:23:20.0063 0480 kbdhid - ok
17:23:20.0094 0480 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:23:20.0110 0480 KeyIso - ok
17:23:20.0156 0480 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
17:23:20.0172 0480 KSecDD - ok
17:23:20.0219 0480 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
17:23:20.0250 0480 KtmRm - ok
17:23:20.0266 0480 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
17:23:20.0297 0480 LanmanServer - ok
17:23:20.0328 0480 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
17:23:20.0359 0480 LanmanWorkstation - ok
17:23:20.0390 0480 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:23:20.0406 0480 lltdio - ok
17:23:20.0453 0480 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
17:23:20.0468 0480 lltdsvc - ok
17:23:20.0484 0480 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
17:23:20.0531 0480 lmhosts - ok
17:23:20.0562 0480 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
17:23:20.0562 0480 LSI_FC - ok
17:23:20.0578 0480 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
17:23:20.0578 0480 LSI_SAS - ok
17:23:20.0609 0480 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
17:23:20.0609 0480 LSI_SCSI - ok
17:23:20.0624 0480 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:23:20.0656 0480 luafv - ok
17:23:20.0687 0480 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
17:23:20.0702 0480 Mcx2Svc - ok
17:23:20.0718 0480 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
17:23:20.0734 0480 megasas - ok
17:23:20.0749 0480 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
17:23:20.0780 0480 MMCSS - ok
17:23:20.0812 0480 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:23:20.0843 0480 Modem - ok
17:23:20.0858 0480 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:23:20.0874 0480 monitor - ok
17:23:20.0890 0480 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:23:20.0905 0480 mouclass - ok
17:23:20.0921 0480 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:23:20.0936 0480 mouhid - ok
17:23:20.0952 0480 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:23:20.0952 0480 MountMgr - ok
17:23:20.0999 0480 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:23:20.0999 0480 MozillaMaintenance - ok
17:23:21.0046 0480 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
17:23:21.0061 0480 MpFilter - ok
17:23:21.0092 0480 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
17:23:21.0108 0480 mpio - ok
17:23:21.0124 0480 MpKsld96b4d87 (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B00D3692-DA15-4DDD-9475-3A468B56A98F}\MpKsld96b4d87.sys
17:23:21.0139 0480 MpKsld96b4d87 - ok
17:23:21.0155 0480 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:23:21.0186 0480 mpsdrv - ok
17:23:21.0217 0480 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
17:23:21.0264 0480 MpsSvc - ok
17:23:21.0264 0480 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:23:21.0280 0480 Mraid35x - ok
17:23:21.0295 0480 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:23:21.0311 0480 MRxDAV - ok
17:23:21.0326 0480 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:23:21.0358 0480 mrxsmb - ok
17:23:21.0389 0480 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:23:21.0404 0480 mrxsmb10 - ok
17:23:21.0420 0480 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:23:21.0436 0480 mrxsmb20 - ok
17:23:21.0451 0480 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
17:23:21.0482 0480 msahci - ok
17:23:21.0498 0480 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
17:23:21.0514 0480 msdsm - ok
17:23:21.0545 0480 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
17:23:21.0576 0480 MSDTC - ok
17:23:21.0592 0480 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:23:21.0623 0480 Msfs - ok
17:23:21.0638 0480 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:23:21.0638 0480 msisadrv - ok
17:23:21.0670 0480 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
17:23:21.0685 0480 MSiSCSI - ok
17:23:21.0701 0480 msiserver - ok
17:23:21.0716 0480 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:23:21.0748 0480 MSKSSRV - ok
17:23:21.0779 0480 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe
17:23:21.0794 0480 MsMpSvc - ok
17:23:21.0826 0480 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:23:21.0841 0480 MSPCLOCK - ok
17:23:21.0857 0480 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:23:21.0872 0480 MSPQM - ok
17:23:21.0888 0480 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:23:21.0904 0480 MsRPC - ok
17:23:21.0919 0480 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:23:21.0935 0480 mssmbios - ok
17:23:21.0935 0480 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:23:21.0966 0480 MSTEE - ok
17:23:21.0982 0480 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:23:21.0997 0480 Mup - ok
17:23:22.0013 0480 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
17:23:22.0044 0480 napagent - ok
17:23:22.0075 0480 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:23:22.0106 0480 NativeWifiP - ok
17:23:22.0138 0480 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:23:22.0169 0480 NDIS - ok
17:23:22.0200 0480 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:23:22.0216 0480 NdisTapi - ok
17:23:22.0231 0480 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:23:22.0247 0480 Ndisuio - ok
17:23:22.0278 0480 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:23:22.0294 0480 NdisWan - ok
17:23:22.0325 0480 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:23:22.0340 0480 NDProxy - ok
17:23:22.0356 0480 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:23:22.0387 0480 NetBIOS - ok
17:23:22.0418 0480 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:23:22.0434 0480 netbt - ok
17:23:22.0450 0480 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:23:22.0465 0480 Netlogon - ok
17:23:22.0496 0480 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
17:23:22.0528 0480 Netman - ok
17:23:22.0543 0480 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
17:23:22.0574 0480 netprofm - ok
17:23:22.0637 0480 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:23:22.0637 0480 NetTcpPortSharing - ok
17:23:22.0668 0480 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:23:22.0668 0480 nfrd960 - ok
17:23:22.0699 0480 NgFilter (41e8a98c7dfb2f25942347f1fc9fbb04) C:\Windows\system32\DRIVERS\ngfilter.sys
17:23:22.0902 0480 NgFilter - ok
17:23:22.0933 0480 NgLog (3a42e4d433809346bf192093580eb702) C:\Windows\system32\DRIVERS\nglog.sys
17:23:22.0949 0480 NgLog - ok
17:23:22.0964 0480 NgVpn (b8189d438e4a3d6c92aafae87b9fe516) C:\Windows\system32\DRIVERS\ngvpn.sys
17:23:22.0964 0480 NgVpn - ok
17:23:22.0996 0480 NgVpnMgr (99207440306bf046f6ebc6483ef0b423) C:\Windows\system32\ngvpnmgr.exe
17:23:22.0996 0480 NgVpnMgr - ok
17:23:23.0011 0480 NgWfp (fe2c3b7fba0f55a1aa8d0628a952eec5) C:\Windows\system32\DRIVERS\ngwfp.sys
17:23:23.0011 0480 NgWfp - ok
17:23:23.0042 0480 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:23:23.0058 0480 NisDrv - ok
17:23:23.0105 0480 NisSrv (290c0d4c4889398797f8df3be00b9698) C:\Program Files\Microsoft Security Client\NisSrv.exe
17:23:23.0120 0480 NisSrv - ok
17:23:23.0152 0480 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
17:23:23.0183 0480 NlaSvc - ok
17:23:23.0261 0480 NMIndexingService (7b273501c59d52978b761f82bebadb06) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:23:23.0276 0480 NMIndexingService - ok
17:23:23.0292 0480 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:23:23.0308 0480 Npfs - ok
17:23:23.0323 0480 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
17:23:23.0354 0480 nsi - ok
17:23:23.0370 0480 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:23:23.0386 0480 nsiproxy - ok
17:23:23.0432 0480 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:23:23.0510 0480 Ntfs - ok
17:23:23.0542 0480 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:23:23.0588 0480 ntrigdigi - ok
17:23:23.0604 0480 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:23:23.0635 0480 Null - ok
17:23:23.0963 0480 nvlddmkm (6ef47521dce982602a25afb41dd13d4f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:23:24.0602 0480 nvlddmkm - ok
17:23:24.0774 0480 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys
17:23:24.0836 0480 nvraid - ok
17:23:24.0836 0480 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys
17:23:24.0868 0480 nvstor - ok
17:23:24.0914 0480 NVSvc (725754030d809ed7f802399ac5b0ad3d) C:\Windows\system32\nvvsvc.exe
17:23:25.0008 0480 NVSvc - ok
17:23:25.0039 0480 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
17:23:25.0055 0480 nv_agp - ok
17:23:25.0055 0480 NwlnkFlt - ok
17:23:25.0070 0480 NwlnkFwd - ok
17:23:25.0117 0480 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
17:23:25.0148 0480 ohci1394 - ok
17:23:25.0195 0480 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:23:25.0195 0480 ose - ok
17:23:25.0242 0480 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:23:25.0320 0480 p2pimsvc - ok
17:23:25.0320 0480 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:23:25.0382 0480 p2psvc - ok
17:23:25.0429 0480 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
17:23:25.0460 0480 Parport - ok
17:23:25.0507 0480 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
17:23:25.0523 0480 partmgr - ok
17:23:25.0523 0480 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
17:23:25.0570 0480 Parvdm - ok
17:23:25.0585 0480 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
17:23:25.0616 0480 PcaSvc - ok
17:23:25.0648 0480 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:23:25.0648 0480 pci - ok
17:23:25.0663 0480 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
17:23:25.0679 0480 pciide - ok
17:23:25.0694 0480 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
17:23:25.0710 0480 pcmcia - ok
17:23:25.0726 0480 PDNMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\drivers\PDNMp50.sys
17:23:25.0726 0480 PDNMp50 - ok
17:23:25.0757 0480 PDNSp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\drivers\PDNSp50.sys
17:23:25.0772 0480 PDNSp50 - ok
17:23:25.0819 0480 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:23:25.0944 0480 PEAUTH - ok
17:23:26.0022 0480 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
17:23:26.0147 0480 pla - ok
17:23:26.0256 0480 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
17:23:26.0272 0480 PlugPlay - ok
17:23:26.0350 0480 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:23:26.0381 0480 PNRPAutoReg - ok
17:23:26.0381 0480 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:23:26.0412 0480 PNRPsvc - ok
17:23:26.0443 0480 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
17:23:26.0506 0480 PolicyAgent - ok
17:23:26.0521 0480 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:23:26.0552 0480 PptpMiniport - ok
17:23:26.0584 0480 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
17:23:26.0630 0480 Processor - ok
17:23:26.0646 0480 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
17:23:26.0662 0480 ProfSvc - ok
17:23:26.0693 0480 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:23:26.0708 0480 ProtectedStorage - ok
17:23:26.0724 0480 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:23:26.0740 0480 PSched - ok
17:23:26.0802 0480 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
17:23:26.0833 0480 ql2300 - ok
17:23:26.0849 0480 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:23:26.0864 0480 ql40xx - ok
17:23:26.0880 0480 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
17:23:26.0911 0480 QWAVE - ok
17:23:26.0911 0480 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:23:26.0942 0480 QWAVEdrv - ok
17:23:26.0958 0480 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:23:26.0989 0480 RasAcd - ok
17:23:27.0005 0480 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
17:23:27.0036 0480 RasAuto - ok
17:23:27.0052 0480 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:23:27.0083 0480 Rasl2tp - ok
17:23:27.0114 0480 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
17:23:27.0130 0480 RasMan - ok
17:23:27.0161 0480 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:23:27.0176 0480 RasPppoe - ok
17:23:27.0192 0480 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:23:27.0208 0480 RasSstp - ok
17:23:27.0239 0480 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:23:27.0254 0480 rdbss - ok
17:23:27.0270 0480 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:23:27.0301 0480 RDPCDD - ok
17:23:27.0332 0480 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
17:23:27.0379 0480 rdpdr - ok
17:23:27.0395 0480 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:23:27.0410 0480 RDPENCDD - ok
17:23:27.0457 0480 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
17:23:27.0488 0480 RDPWD - ok
17:23:27.0520 0480 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
17:23:27.0551 0480 RemoteAccess - ok
17:23:27.0566 0480 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
17:23:27.0582 0480 RemoteRegistry - ok
17:23:27.0598 0480 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
17:23:27.0629 0480 RpcLocator - ok
17:23:27.0660 0480 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
17:23:27.0707 0480 RpcSs - ok
17:23:27.0707 0480 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:23:27.0738 0480 rspndr - ok
17:23:27.0769 0480 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
17:23:27.0785 0480 RTL8169 - ok
17:23:27.0800 0480 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:23:27.0816 0480 SamSs - ok
17:23:27.0847 0480 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:23:27.0863 0480 sbp2port - ok
17:23:27.0894 0480 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
17:23:27.0956 0480 SCardSvr - ok
17:23:28.0175 0480 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
17:23:28.0237 0480 Schedule - ok
17:23:28.0253 0480 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
17:23:28.0284 0480 SCPolicySvc - ok
17:23:28.0315 0480 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
17:23:28.0331 0480 SDRSVC - ok
17:23:28.0346 0480 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:23:28.0393 0480 secdrv - ok
17:23:28.0424 0480 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
17:23:28.0440 0480 seclogon - ok
17:23:28.0471 0480 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
17:23:28.0518 0480 SENS - ok
17:23:28.0705 0480 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
17:23:28.0736 0480 Serenum - ok
17:23:28.0752 0480 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
17:23:28.0783 0480 Serial - ok
17:23:28.0799 0480 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:23:28.0814 0480 sermouse - ok
17:23:28.0877 0480 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
17:23:28.0892 0480 SessionEnv - ok
17:23:28.0924 0480 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
17:23:28.0970 0480 sffdisk - ok
17:23:29.0017 0480 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
17:23:29.0064 0480 sffp_mmc - ok
17:23:29.0080 0480 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
17:23:29.0111 0480 sffp_sd - ok
17:23:29.0142 0480 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:23:29.0189 0480 sfloppy - ok
17:23:29.0236 0480 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
17:23:29.0251 0480 SharedAccess - ok
17:23:29.0314 0480 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
17:23:29.0360 0480 ShellHWDetection - ok
17:23:29.0376 0480 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
17:23:29.0392 0480 sisagp - ok
17:23:29.0438 0480 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
17:23:29.0438 0480 SiSRaid2 - ok
17:23:29.0454 0480 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
17:23:29.0470 0480 SiSRaid4 - ok
17:23:29.0657 0480 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
17:23:29.0844 0480 slsvc - ok
17:23:29.0969 0480 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
17:23:30.0000 0480 SLUINotify - ok
17:23:30.0031 0480 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:23:30.0047 0480 Smb - ok
17:23:30.0094 0480 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
17:23:30.0094 0480 SNMPTRAP - ok
17:23:30.0109 0480 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:23:30.0125 0480 spldr - ok
17:23:30.0156 0480 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
17:23:30.0187 0480 Spooler - ok
17:23:30.0218 0480 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:23:30.0265 0480 srv - ok
17:23:30.0281 0480 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:23:30.0312 0480 srv2 - ok
17:23:30.0328 0480 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:23:30.0343 0480 srvnet - ok
17:23:30.0359 0480 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
17:23:30.0374 0480 SSDPSRV - ok
17:23:30.0390 0480 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
17:23:30.0421 0480 SstpSvc - ok
17:23:30.0468 0480 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
17:23:30.0530 0480 stisvc - ok
17:23:30.0546 0480 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:23:30.0562 0480 swenum - ok
17:23:30.0593 0480 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
17:23:30.0624 0480 swprv - ok
17:23:30.0655 0480 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:23:30.0671 0480 Symc8xx - ok
17:23:30.0686 0480 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:23:30.0686 0480 Sym_hi - ok
17:23:30.0702 0480 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:23:30.0702 0480 Sym_u3 - ok
17:23:30.0749 0480 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
17:23:30.0796 0480 SysMain - ok
17:23:30.0811 0480 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
17:23:30.0842 0480 TabletInputService - ok
17:23:30.0874 0480 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
17:23:30.0905 0480 TapiSrv - ok
17:23:30.0936 0480 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
17:23:30.0967 0480 TBS - ok
17:23:31.0061 0480 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
17:23:31.0108 0480 Tcpip - ok
17:23:31.0123 0480 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
17:23:31.0201 0480 Tcpip6 - ok
17:23:31.0248 0480 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:23:31.0264 0480 tcpipreg - ok
17:23:31.0279 0480 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:23:31.0295 0480 TDPIPE - ok
17:23:31.0326 0480 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:23:31.0342 0480 TDTCP - ok
17:23:31.0357 0480 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:23:31.0388 0480 tdx - ok
17:23:31.0404 0480 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:23:31.0420 0480 TermDD - ok
17:23:31.0451 0480 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
17:23:31.0513 0480 TermService - ok
17:23:31.0544 0480 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
17:23:31.0560 0480 Themes - ok
17:23:31.0591 0480 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
17:23:31.0607 0480 THREADORDER - ok
17:23:31.0654 0480 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
17:23:31.0685 0480 TrkWks - ok
17:23:31.0716 0480 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
17:23:31.0732 0480 TrustedInstaller - ok
17:23:31.0747 0480 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:23:31.0763 0480 tssecsrv - ok
17:23:31.0794 0480 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:23:31.0810 0480 tunmp - ok
17:23:31.0825 0480 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
17:23:31.0841 0480 tunnel - ok
17:23:31.0856 0480 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
17:23:31.0872 0480 uagp35 - ok
17:23:31.0903 0480 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:23:31.0919 0480 udfs - ok
17:23:31.0950 0480 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
17:23:31.0966 0480 UI0Detect - ok
17:23:31.0997 0480 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
17:23:31.0997 0480 uliagpkx - ok
17:23:32.0012 0480 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
17:23:32.0028 0480 uliahci - ok
17:23:32.0044 0480 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:23:32.0059 0480 UlSata - ok
17:23:32.0075 0480 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:23:32.0090 0480 ulsata2 - ok
17:23:32.0106 0480 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:23:32.0122 0480 umbus - ok
17:23:32.0153 0480 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
17:23:32.0184 0480 upnphost - ok
17:23:32.0215 0480 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
17:23:32.0231 0480 USBAAPL - ok
17:23:32.0246 0480 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
17:23:32.0278 0480 usbccgp - ok
17:23:32.0293 0480 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:23:32.0324 0480 usbcir - ok
17:23:32.0340 0480 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:23:32.0356 0480 usbehci - ok
17:23:32.0371 0480 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:23:32.0402 0480 usbhub - ok
17:23:32.0402 0480 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
17:23:32.0434 0480 usbohci - ok
17:23:32.0449 0480 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
17:23:32.0465 0480 usbprint - ok
17:23:32.0512 0480 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
17:23:32.0543 0480 usbscan - ok
17:23:32.0543 0480 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:23:32.0574 0480 USBSTOR - ok
17:23:32.0590 0480 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
17:23:32.0621 0480 usbuhci - ok
17:23:32.0636 0480 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
17:23:32.0652 0480 UxSms - ok
17:23:32.0683 0480 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
17:23:32.0714 0480 vds - ok
17:23:32.0714 0480 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
17:23:32.0761 0480 vga - ok
17:23:32.0777 0480 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:23:32.0808 0480 VgaSave - ok
17:23:32.0824 0480 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
17:23:32.0839 0480 viaagp - ok
17:23:32.0855 0480 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
17:23:32.0886 0480 ViaC7 - ok
17:23:32.0917 0480 viaide (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys
17:23:32.0917 0480 viaide - ok
17:23:32.0933 0480 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:23:32.0948 0480 volmgr - ok
17:23:32.0980 0480 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:23:32.0995 0480 volmgrx - ok
17:23:33.0011 0480 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:23:33.0026 0480 volsnap - ok
17:23:33.0058 0480 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
17:23:33.0058 0480 vsmraid - ok
17:23:33.0104 0480 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
17:23:33.0245 0480 VSS - ok
17:23:33.0260 0480 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
17:23:33.0292 0480 W32Time - ok
17:23:33.0323 0480 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:23:33.0370 0480 WacomPen - ok
17:23:33.0385 0480 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:23:33.0401 0480 Wanarp - ok
17:23:33.0416 0480 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:23:33.0432 0480 Wanarpv6 - ok
17:23:33.0463 0480 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
17:23:33.0510 0480 wcncsvc - ok
17:23:33.0526 0480 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
17:23:33.0557 0480 WcsPlugInService - ok
17:23:33.0572 0480 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
17:23:33.0588 0480 Wd - ok
17:23:33.0619 0480 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
17:23:33.0635 0480 Wdf01000 - ok
17:23:33.0666 0480 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
17:23:33.0697 0480 WdiServiceHost - ok
17:23:33.0697 0480 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
17:23:33.0728 0480 WdiSystemHost - ok
17:23:33.0760 0480 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
17:23:33.0775 0480 WebClient - ok
17:23:33.0806 0480 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
17:23:33.0838 0480 Wecsvc - ok
17:23:33.0853 0480 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
17:23:33.0869 0480 wercplsupport - ok
17:23:33.0884 0480 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
17:23:33.0900 0480 WerSvc - ok
17:23:33.0962 0480 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
17:23:33.0978 0480 WinDefend - ok
17:23:33.0994 0480 WinHttpAutoProxySvc - ok
17:23:34.0025 0480 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
17:23:34.0040 0480 Winmgmt - ok
17:23:34.0103 0480 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
17:23:34.0212 0480 WinRM - ok
17:23:34.0259 0480 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
17:23:34.0306 0480 Wlansvc - ok
17:23:34.0352 0480 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
17:23:34.0384 0480 WmiAcpi - ok
17:23:34.0430 0480 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
17:23:34.0446 0480 wmiApSrv - ok
17:23:34.0508 0480 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
17:23:34.0602 0480 WMPNetworkSvc - ok
17:23:34.0633 0480 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
17:23:34.0649 0480 WPCSvc - ok
17:23:34.0680 0480 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
17:23:34.0711 0480 WPDBusEnum - ok
17:23:34.0758 0480 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
17:23:34.0758 0480 WpdUsb - ok
17:23:34.0836 0480 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:23:34.0898 0480 WPFFontCache_v0400 - ok
17:23:34.0914 0480 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:23:34.0961 0480 ws2ifsl - ok
17:23:34.0976 0480 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
17:23:34.0992 0480 wscsvc - ok
17:23:35.0008 0480 WSearch - ok
17:23:35.0101 0480 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
17:23:35.0226 0480 wuauserv - ok
17:23:35.0335 0480 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:23:35.0366 0480 WUDFRd - ok
17:23:35.0382 0480 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
17:23:35.0413 0480 wudfsvc - ok
17:23:35.0444 0480 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:23:35.0663 0480 \Device\Harddisk0\DR0 - ok
17:23:35.0663 0480 Boot (0x1200) (24aba1c1a3680d1fa56ec03d1d1d056a) \Device\Harddisk0\DR0\Partition0
17:23:35.0663 0480 \Device\Harddisk0\DR0\Partition0 - ok
17:23:35.0678 0480 Boot (0x1200) (37a794c5986675432a812ac3e8741ba6) \Device\Harddisk0\DR0\Partition1
17:23:35.0678 0480 \Device\Harddisk0\DR0\Partition1 - ok
17:23:35.0710 0480 Boot (0x1200) (6944cf9dbb581b1170e41756b7cc2840) \Device\Harddisk0\DR0\Partition2
17:23:35.0710 0480 \Device\Harddisk0\DR0\Partition2 - ok
17:23:35.0710 0480 ============================================================
17:23:35.0710 0480 Scan finished
17:23:35.0710 0480 ============================================================
17:23:35.0725 5516 Detected object count: 0
17:23:35.0725 5516 Actual detected object count: 0
Andra Geändert von andra45 (14.07.2012 um 16:36 Uhr) |
|
14.07.2012, 17:32
| #32 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | GVU/ BKA Trojaner Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
14.07.2012, 18:52
| #33 |
| | GVU/ BKA Trojaner Hallo Arne,
__________________ich hatte leider ein paar Schwierigkeiten und musste ComboFix 2 x starten, ich hoffe das hat der Bereinigung und Auswertung nicht geschadet.Letztendlich ist das Programm komplett durchgelaufen und und kann das log posten : Combofix Logfile: Code:
ATTFilter ComboFix 12-07-14.01 - *** 14.07.2012 19:12:07.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2047.1114 [GMT 2:00]
ausgeführt von:: c:\users\***\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\ipconfig.txt
c:\program files\xp-AntiSpy
c:\program files\xp-AntiSpy\Uninstall.exe
c:\program files\xp-AntiSpy\xp-AntiSpy.chm
c:\program files\xp-AntiSpy\xp-AntiSpy.exe
c:\program files\xp-AntiSpy\xp-AntiSpy.url
c:\windows\security\Database\tmp.edb
c:\windows\system32\rnaph.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-14 bis 2012-07-14 ))))))))))))))))))))))))))))))
.
.
2012-07-14 17:17 . 2012-07-14 17:17 -------- d-----w- c:\users\***\AppData\Local\temp
2012-07-14 17:17 . 2012-07-14 17:17 -------- d-----w- c:\users\***\AppData\Local\temp
2012-07-14 17:17 . 2012-07-14 17:17 -------- d-----w- c:\users\***\AppData\Local\temp
2012-07-14 17:17 . 2012-07-14 17:17 -------- d-----w- c:\users\***\AppData\Local\temp
2012-07-14 17:17 . 2012-07-14 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-14 15:42 . 2012-07-14 15:42 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C7241CE-F0D9-4E1A-A813-3647E652FDA6}\offreg.dll
2012-07-14 15:42 . 2012-07-14 15:42 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C7241CE-F0D9-4E1A-A813-3647E652FDA6}\MpKslef6aae71.sys
2012-07-14 15:26 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C7241CE-F0D9-4E1A-A813-3647E652FDA6}\mpengine.dll
2012-07-14 06:27 . 2012-07-14 06:27 -------- d-----w- C:\_OTL
2012-07-13 10:10 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-12 16:17 . 2012-07-12 16:17 -------- d-----w- c:\users\***\AppData\Local\Apple Computer
2012-07-12 16:14 . 2012-07-12 16:14 -------- d-----w- c:\users\***\AppData\Local\PDF24
2012-07-12 15:56 . 2012-07-12 15:56 -------- d-----w- c:\users\***\AppData\Roaming\Cornelsen
2012-07-11 19:55 . 2012-07-12 19:57 -------- d-----w- c:\users\Andrea & Ralf
2012-07-11 19:03 . 2012-07-11 19:03 -------- d-----w- c:\users\***\AppData\Roaming\Cornelsen
2012-07-11 18:40 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 03:40 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-11 03:40 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 03:40 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 03:40 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 03:40 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 03:40 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-09 23:55 . 2012-07-09 23:55 -------- d-----w- c:\users\***\AppData\Local\Apple Computer
2012-07-09 20:35 . 2012-07-09 20:35 -------- d-----w- c:\users\***\AppData\Roaming\Malwarebytes
2012-07-09 20:12 . 2012-07-09 20:12 -------- d-----w- c:\users\***\AppData\Local\Origin
2012-07-06 11:35 . 2012-07-09 20:12 -------- d-----w- c:\users\***\AppData\Roaming\Origin
2012-07-05 16:01 . 2012-07-05 16:01 -------- d-----w- c:\program files\ESET
2012-07-05 15:54 . 2012-07-05 15:54 -------- d-----w- c:\users\***\AppData\Local\Macromedia
2012-07-05 05:32 . 2012-07-05 05:32 -------- d-----w- c:\users\***\AppData\Local\Macromedia
2012-07-05 05:25 . 2012-07-11 18:37 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-04 16:19 . 2012-07-04 16:19 -------- d-----w- c:\users\***\AppData\Roaming\Malwarebytes
2012-07-04 16:19 . 2012-07-04 16:19 -------- d-----w- c:\programdata\Malwarebytes
2012-07-04 16:19 . 2012-07-12 19:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-04 16:19 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-04 15:45 . 2012-02-10 09:15 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FCE8DCAE-D6EE-40A5-AE59-77DCBCAAE88E}\gapaengine.dll
2012-06-26 19:00 . 2012-06-26 19:00 -------- d--h--w- c:\programdata\CanonIJScan
2012-06-26 19:00 . 2012-06-26 19:00 -------- d-----w- c:\users\***\AppData\Roaming\Canon
2012-06-26 18:57 . 2012-06-26 18:57 -------- d-----w- c:\users\***\AppData\Local\PDF24
2012-06-26 18:56 . 2012-06-26 18:56 -------- d-----w- c:\program files\PDF24
2012-06-21 05:28 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 05:28 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 05:28 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 05:28 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 05:27 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 05:27 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 05:27 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 05:27 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 05:27 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 18:37 . 2011-06-22 21:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-01 14:03 . 2012-06-13 07:44 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 16:00 . 2012-06-13 07:44 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00 . 2012-06-13 07:44 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00 . 2012-06-13 07:44 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-18 06:48 . 2011-06-21 20:45 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"Spiele Post"="c:\program files\OXXOGames\GPlayer\GameCenterNotifier.exe" [2011-10-13 479984]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-05-22 160872]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
phase-6 Reminder.lnk - c:\program files\phase-6\phase-6-basic\reminder\reminder.exe [2011-8-10 1032192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 44357529
*NewlyCreated* - MPKSLEF6AAE71
*Deregistered* - 44357529
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-05 18:37]
.
.
------- Zusätzlicher Suchlauf -------
.
mStart Page = hxxp://www.netcologne.de
mWindow Title = Internet Explorer bereitgestellt von NetCologne
IE: Nach Microsoft &Excel exportieren - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
TCP: Interfaces\{28C92348-E16C-4AD9-8D7B-16CCAC2DCD76}: NameServer = 81.173.194.77 194.8.194.60
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\h8cb68qu.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
AddRemove-7-Zip - c:\users\***\Pictures\Desktop\7-Zip\Uninstall.exe
AddRemove-xp-AntiSpy - c:\program files\xp-AntiSpy\Uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-14 19:17
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-14 19:19:51
ComboFix-quarantined-files.txt 2012-07-14 17:19
.
Vor Suchlauf: 12 Verzeichnis(se), 124.644.696.064 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 125.484.744.704 Bytes frei
.
- - End Of File - - FE095A6DAAA516226385257D98299AF0
Ich wünsche Dir ein schönes Wochenende und schon wieder vielen Dank bis hierher.... Gruss Andra |
|
14.07.2012, 22:02
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU/ BKA Trojaner Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.07.2012, 05:30
| #35 |
| | GVU/ BKA Trojaner Hi Arne, ich hatte nach all den Erfahrungen fast vor bei meinen Bekannten auch in eine leichte Beratertätigkeit bzgl Virenbekämpfung einzusteigen. Nach dem Durchlauf dieser drei Tools lasse ich es aber eher doch. Hier also die 3 logs . GMER GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-15 04:53:27
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD10EALX-009BA0 rev.15.01H15
Running: 1d524gup.exe; Driver: C:\Users\***~1\AppData\Local\Temp\pfkoraoc.sys
---- Kernel code sections - GMER 1.0.15 ----
? C:\Windows\system32\Drivers\PROCEXP113.SYS Das System kann die angegebene Datei nicht finden. !
? C:\Users\***~1\AppData\Local\Temp\catchme.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Origin\Origin.exe[5968] kernel32.dll!CreateProcessW 75D11BF3 5 Bytes JMP 6AD207D0 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] kernel32.dll!CreateProcessA 75D11C28 5 Bytes JMP 6AD20730 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!SetForegroundWindow 75DFB8A6 5 Bytes JMP 5D951440 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!ShowWindow 75DFCA10 5 Bytes JMP 5D951510 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!ShowWindowAsync 75E01FCE 5 Bytes JMP 5D9514C0 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!SetWindowPos 75E035E3 5 Bytes JMP 5D951580 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!SetFocus 75E03684 5 Bytes JMP 5D951560 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!SetActiveWindow 75E04EF7 5 Bytes JMP 5D9515D0 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!BringWindowToTop 75E1E3EA 5 Bytes JMP 5D951470 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] USER32.dll!SwitchToThisWindow 75E23362 5 Bytes JMP 5D9514A0 C:\Program Files\Origin\OriginClient.dll (Origin/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] ADVAPI32.dll!CreateProcessAsUserA 7610CEB9 5 Bytes JMP 6AD20870 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] ADVAPI32.dll!CreateProcessAsUserW 76121EE9 5 Bytes JMP 6AD20920 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] SHELL32.dll!ShellExecuteW 763C9725 5 Bytes JMP 6AD20AE0 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] SHELL32.dll!ShellExecuteExW 7641C15D 5 Bytes JMP 6AD20A20 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] SHELL32.dll!ShellExecuteEx 765CA432 5 Bytes JMP 6AD209D0 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
.text C:\Program Files\Origin\Origin.exe[5968] SHELL32.dll!ShellExecuteA 765CA4CD 5 Bytes JMP 6AD20A70 C:\Program Files\Origin\igo32.dll (Origin IGO/Electronic Arts)
---- EOF - GMER 1.0.15 ----
OSAM OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 05:34:49 on 15.07.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 13.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\Users\***EU~1\AppData\Local\Temp\catchme.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "mbr" (mbr) - ? - C:\ComboFix\mbr.sys (Hidden registry entry, rootkit activity | File not found) "PDNMp50 NDIS Protocol Driver" (PDNMp50) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\Windows\system32\drivers\PDNMp50.sys "PDNSp50 NDIS Protocol Driver" (PDNSp50) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\Windows\system32\drivers\PDNSp50.sys "pfkoraoc" (pfkoraoc) - ? - C:\Users\***EU~1\AppData\Local\Temp\pfkoraoc.sys (Hidden registry entry, rootkit activity | File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - ? - C:\Users\***EUTZBERG\Pictures\Desktop\7-Zip\7-zip.dll (File not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll {09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\shellext.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - D:\Program Files\Microsoft Office\OFFICE11\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - D:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - D:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {21347690-EC41-4F9A-8887-1F4AEE672439} "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} "Canon Easy-WebPrint EX BHO" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "phase-6 Reminder.lnk" - "phase-6" - C:\Program Files\phase-6\phase-6-basic\reminder\reminder.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Spiele Post" - "Intenium" - C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "CanonMyPrinter" - "CANON INC." - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon "CanonSolutionMenu" - "CANON INC." - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "MSC" - "Microsoft Corporation" - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe "PDFPrint" - "Geek Software GmbH" - C:\Program Files\PDF24\pdf24.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\NisSrv.exe "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Aventail VPN Client" (NgVpnMgr) - "Aventail Corporation" - C:\Windows\system32\ngvpnmgr.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\MsMpEng.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe "NVIDIA Driver Helper Service" (NVSvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] aswMBR Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-15 05:49:02
-----------------------------
05:49:02.478 OS Version: Windows 6.0.6002 Service Pack 2
05:49:02.478 Number of processors: 2 586 0x4303
05:49:02.478 ComputerName: ***-PC UserName: ***
05:49:03.227 Initialize success
05:53:26.594 AVAST engine defs: 12071402
05:56:27.195 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
05:56:27.195 Disk 0 Vendor: WDC_WD10EALX-009BA0 15.01H15 Size: 953869MB BusType: 3
05:56:27.304 Disk 0 MBR read successfully
05:56:27.304 Disk 0 MBR scan
05:56:27.304 Disk 0 Windows VISTA default MBR code
05:56:27.351 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200000 MB offset 2048
05:56:27.398 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 300000 MB offset 409602048
05:56:27.445 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 453867 MB offset 1024002048
05:56:27.492 Disk 0 scanning sectors +1953521664
05:56:27.772 Disk 0 scanning C:\Windows\system32\drivers
05:57:15.196 Service scanning
05:57:28.098 Modules scanning
05:58:27.237 Disk 0 trace - called modules:
05:58:27.268 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
05:58:27.284 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84999ac8]
05:58:27.284 3 CLASSPNP.SYS[87da38b3] -> nt!IofCallDriver -> [0x848eb918]
05:58:27.284 5 acpi.sys[806176bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x848d35e0]
05:58:27.736 AVAST engine scan C:\Windows
05:58:55.832 AVAST engine scan C:\Windows\system32
06:03:55.353 AVAST engine scan C:\Windows\system32\drivers
06:04:15.118 AVAST engine scan C:\Users\***
06:09:49.424 AVAST engine scan C:\ProgramData
06:13:33.674 Scan finished successfully
06:13:57.995 Disk 0 MBR has been saved successfully to "C:\Users\***\Pictures\Desktop\MBR.dat"
06:13:57.995 The log file has been saved successfully to "C:\Users\***\Pictures\Desktop\aswMBR.txt"
Danke und Gruss Andra |
|
15.07.2012, 16:39
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU/ BKA Trojaner Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ --> GVU/ BKA Trojaner |
|
16.07.2012, 21:39
| #37 |
| | GVU/ BKA Trojaner Hi Arne, ich habe die beiden Suchläufe durchgeführt, bei dem Super Anti Spyware war wieder etwas dabei. In der Anleitung stand nichts weiteres, ich habe die removed und in Quarantäne gestellt. Dazu habe ich eine weitere Frage sind die gefundenen in Anti Malware als auch in meinem Security Essential unter Quarantäne noch endgültig zu löschen oder was passiert damit ? Hier die logs Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.16.10 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 *** :: ***-PC [Administrator] 16.07.2012 20:35:17 mbam-log-2012-07-16 (20-35-17).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|K:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 400443 Laufzeit: 34 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/16/2012 at 10:07 PM
Application Version : 5.5.1006
Core Rules Database Version : 8907
Trace Rules Database Version: 6719
Scan type : Complete Scan
Total Scan Time : 00:25:35
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 629
Memory threats detected : 0
Registry items scanned : 34364
Registry threats detected : 0
File items scanned : 35565
File threats detected : 488
Adware.Tracking Cookie
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\54EIECWZ.txt [ /adfarm1.adition.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\C1XSGL9T.txt [ /atdmt.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\FDTEIRFI.txt [ /content.yieldmanager.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\EBSEVF87.txt [ /doubleclick.net ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\4DM83JTY.txt [ /media.gan-online.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\FDXE8GYH.txt [ /ad.yieldmanager.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\KE73VKTO.txt [ /fl01.ct2.comclick.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\WLXU91NV.txt [ /zanox.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\ED8A2X3F.txt [ /ads.creative-serving.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\9KC9IX40.txt [ /c.atdmt.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\6GIOY95Z.txt [ /apmebf.com ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\FDJAHLXX.txt [ /specificclick.net ]
C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\J5LRJN0L.txt [ /content.yieldmanager.com ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\7I1JWJEP.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\7OB1613T.txt [ Cookie:***@atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\UIEQ90C7.txt [ Cookie:***@2o7.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\AVC04JYV.txt [ Cookie:***@statse.webtrendslive.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\57H50I2C.txt [ Cookie:***@ad.yieldmanager.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\3MJE5SVI.txt [ Cookie:***@apmebf.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\8F9H3APC.txt [ Cookie:***@mediaplex.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z2TBDR3N.txt [ Cookie:***@bs.serving-sys.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\ULMERS4A.txt [ Cookie:***@adfarm1.adition.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\KAKEDJO5.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\8V4N2SZR.txt [ Cookie:***@fl01.ct2.comclick.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\J1J991FQ.txt [ Cookie:***@atdmt.com/ ]
C:\USERS\***\Cookies\7I1JWJEP.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\Cookies\7OB1613T.txt [ Cookie:***@atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adx.chip[1].txt [ Cookie:***@adx.chip.de/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\5D857H8X.txt [ Cookie:***@adfarm1.adition.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adform[1].txt [ Cookie:***@adform.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\FSZ4ZO90.txt [ Cookie:***@atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@invitemedia[2].txt [ Cookie:***@invitemedia.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@tracking.quisma[1].txt [ Cookie:***@tracking.quisma.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad2.adfarm1.adition[1].txt [ Cookie:***@ad2.adfarm1.adition.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\QHSOB4A2.txt [ Cookie:***@fl01.ct2.comclick.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@track.adform[2].txt [ Cookie:***@track.adform.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@imrworldwide[2].txt [ Cookie:***@imrworldwide.com/cgi-bin ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@mediaplex[2].txt [ Cookie:***@mediaplex.com/ ]
C:\USERS\***\Cookies\54EIECWZ.txt [ Cookie:***@adfarm1.adition.com/ ]
C:\USERS\***\Cookies\C1XSGL9T.txt [ Cookie:***@atdmt.com/ ]
C:\USERS\***\Cookies\FDTEIRFI.txt [ Cookie:***@content.yieldmanager.com/ ]
C:\USERS\***\Cookies\4DM83JTY.txt [ Cookie:***@media.gan-online.com/ ]
C:\USERS\***\Cookies\KE73VKTO.txt [ Cookie:***@fl01.ct2.comclick.com/ ]
C:\USERS\***\Cookies\WLXU91NV.txt [ Cookie:***@zanox.com/ ]
C:\USERS\***\Cookies\9KC9IX40.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\Cookies\J5LRJN0L.txt [ Cookie:***@content.yieldmanager.com/ak/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\9MQL0CGA.txt [ Cookie:***@doubleclick.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\YSZZ2OOJ.txt [ Cookie:***@serving-sys.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\VHLDJ3WI.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\NG49OOON.txt [ Cookie:***@fl01.ct2.comclick.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\EXXOLEML.txt [ Cookie:***@apmebf.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\JMEDTA92.txt [ Cookie:***@doubleclick.net/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\0NJQMK4J.txt [ Cookie:***@serving-sys.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\YJM07SZW.txt [ Cookie:***@mediaplex.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\881LP2FS.txt [ Cookie:***@ad.yieldmanager.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\H1XLXVI5.txt [ Cookie:***@c.atdmt.com/ ]
C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\LE8BR3TB.txt [ Cookie:***@bs.serving-sys.com/ ]
C:\USERS\***\Cookies\9MQL0CGA.txt [ Cookie:***@doubleclick.net/ ]
C:\USERS\***\Cookies\YSZZ2OOJ.txt [ Cookie:***@serving-sys.com/ ]
C:\USERS\***\Cookies\VHLDJ3WI.txt [ Cookie:***@c.atdmt.com/ ]
.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.statse.webtrendslive.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
track.webtrekk.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eaeacom.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.rewetouristik.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.loyaltypartner.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
urbia.wwe-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ads.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.piximedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
banner.holidaycheck.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
weihnachtsmarkt-finder.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.blau.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.sexvideos-tube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
delivery.trafficbroker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.sexyspiele.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.porno-games.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.happysexgames.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
mysexgames.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mysexgames.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.sexyfuckgames.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.sexgames.cc [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ipcmedia.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.e-sexspiele.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ikea.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.comeone.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
banner.lv.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
data.coremetrics.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adult-sex-games.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adult-sex-games.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.roiservice.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.de.sexgamesbox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.de.sexgamesbox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.de.sexgamesbox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ads.falkemedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ads.falkemedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.bannerreport.org [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
webcount.feratel.at [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adserver2.clipkit.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adserv.kwick.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adserv.kwick.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.droetker.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.rionordgmbh.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.blogads.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
teufel-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ads20.wwe-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
delivery.atkmedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
delivery.way2traffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adserver.ep-solutions.org [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.cmpmedica.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.philips.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tomsshoes.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.entrepreneure.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.entrepreneure.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.trackmyrace.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.trackmyrace.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eventdiscount24.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eventdiscount24.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eventdiscount24.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ads20.wwe-media.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.hermesworld.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.hermesworld.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.eset.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H8CB68QU.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.htc.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7JZZ9MLD.DEFAULT\COOKIES.SQLITE ]
Trojan.Agent/Gen-Bancos
C:\PROGRAM FILES\CORNELSEN\ENGLISH G 21 E-WORKBOOK A1\CTFPRINTER.DLL
Viele grüsse Andra |
|
17.07.2012, 11:13
| #38 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU/ BKA Trojaner Sieht ok aus, da wurden nur Cookies gefunden und ein Fehlalarm war dabei Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme? Zitat:
Überleg doch mal was eine Quarantäne ist!! Ob da die schädliche Datei drinbleibt oder nicht, das hat keine Auswirkungen. Schädlinge in der Quarantäne können nichts mehr anrichten, sie sind dort isoliert. Du solltest grundsätzlich mit der Quarantäne arbeiten, denn falls der Virenscanner durch einen Fehlalarm was wichtiges löscht, kannst Du notfalls noch über die Quarantäne an die Datei ran.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.07.2012, 11:50
| #39 |
| | GVU/ BKA Trojaner Hallo Arne, vielen Dank für all' Deine Hilfe, keine neuen Tools mehr, ich glaub ich bin also fertig. Ich habe mich in der Zwischenzeit bei Euren Anleitungen/FAQ's mal die generelle Anleitung von markusg " Maßnahmen zur Absicherung des Rechners" durchgelesen, da ist noch einiges für mich dabei.( Ich habe bereits mit dem separieren der Accounts angefangen ) In einem anderen Thread von Dir Start 13.06 zum gleichen GVU Thema hast Gustav86 noch ein paar Tipps bzgl. Secunia PSI und weiteren updates Windows etc gegeben. Auch davon nehme ich mir das ein oder andere mit. Ich kann mich nur wiederholen vielen Dank an Dich und Eurer gesamtes Team Ihr macht einen Top Job  , Eure Seite kann man nur empfehlen....Gruss und hoffentlich nicht so schnell wieder Andra |
|
17.07.2012, 15:29
| #40 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU/ BKA Trojaner Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => http://www.adobe.com/software/flash/about/ Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu GVU/ BKA Trojaner |
| anhang, anti, antimalware, antwort, anweisung, button, erhalte, gesperrt, gestern, heute, klicke, krieg, laufen, log, malware, problem, rechner, schonmal, schädling, seite, start, trojane, trojaner, unmöglich, variante, überhaupt |
Linear-Darstellung
