| |
| |||||||
Log-Analyse und Auswertung: Computer gesperrt, BundespolizeiWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.09.2012, 12:53
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Computer gesperrt, Bundespolizei Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.09.2012, 18:55
| #17 |
 | Computer gesperrt, Bundespolizei Hallo,
__________________hier das Ergebnis des TDSS-Killers: Code:
ATTFilter
19:31:47.0796 5212 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:31:48.0022 5212 ============================================================
19:31:48.0022 5212 Current date / time: 2012/09/19 19:31:48.0022
19:31:48.0022 5212 SystemInfo:
19:31:48.0022 5212
19:31:48.0022 5212 OS Version: 6.0.6001 ServicePack: 1.0
19:31:48.0022 5212 Product type: Workstation
19:31:48.0022 5212 ComputerName: SANDRA-PC
19:31:48.0023 5212 UserName: Sandra
19:31:48.0023 5212 Windows directory: C:\Windows
19:31:48.0023 5212 System windows directory: C:\Windows
19:31:48.0023 5212 Processor architecture: Intel x86
19:31:48.0023 5212 Number of processors: 2
19:31:48.0023 5212 Page size: 0x1000
19:31:48.0023 5212 Boot type: Normal boot
19:31:48.0023 5212 ============================================================
19:31:49.0269 5212 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:31:49.0271 5212 ============================================================
19:31:49.0272 5212 \Device\Harddisk0\DR0:
19:31:49.0272 5212 MBR partitions:
19:31:49.0272 5212 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xB09E800
19:31:49.0272 5212 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC49F000, BlocksNum 0xAFFF800
19:31:49.0272 5212 ============================================================
19:31:49.0303 5212 C: <-> \Device\Harddisk0\DR0\Partition1
19:31:49.0351 5212 D: <-> \Device\Harddisk0\DR0\Partition2
19:31:49.0351 5212 ============================================================
19:31:49.0351 5212 Initialize success
19:31:49.0351 5212 ============================================================
19:32:17.0427 3216 ============================================================
19:32:17.0427 3216 Scan started
19:32:17.0427 3216 Mode: Manual; SigCheck; TDLFS;
19:32:17.0427 3216 ============================================================
19:32:18.0097 3216 ================ Scan system memory ========================
19:32:18.0098 3216 System memory - ok
19:32:18.0098 3216 ================ Scan services =============================
19:32:18.0302 3216 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
19:32:18.0505 3216 ACPI - ok
19:32:18.0593 3216 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:32:18.0635 3216 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
19:32:18.0635 3216 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
19:32:18.0732 3216 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:32:18.0751 3216 AdobeFlashPlayerUpdateSvc - ok
19:32:18.0782 3216 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:32:18.0810 3216 adp94xx - ok
19:32:18.0832 3216 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:32:18.0852 3216 adpahci - ok
19:32:18.0870 3216 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:32:18.0885 3216 adpu160m - ok
19:32:18.0904 3216 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:32:18.0920 3216 adpu320 - ok
19:32:18.0957 3216 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:32:19.0062 3216 AeLookupSvc - ok
19:32:19.0145 3216 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
19:32:19.0207 3216 AFD - ok
19:32:19.0230 3216 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
19:32:19.0294 3216 AgereModemAudio - ok
19:32:19.0374 3216 [ A19871AE65A769C65034B4DC44C29023 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
19:32:19.0497 3216 AgereSoftModem - ok
19:32:19.0532 3216 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:32:19.0548 3216 agp440 - ok
19:32:19.0560 3216 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:32:19.0578 3216 aic78xx - ok
19:32:19.0616 3216 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:32:19.0670 3216 ALG - ok
19:32:19.0695 3216 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
19:32:19.0709 3216 aliide - ok
19:32:19.0724 3216 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:32:19.0738 3216 amdagp - ok
19:32:19.0756 3216 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
19:32:19.0769 3216 amdide - ok
19:32:19.0790 3216 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:32:19.0968 3216 AmdK7 - ok
19:32:19.0984 3216 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:32:20.0073 3216 AmdK8 - ok
19:32:20.0107 3216 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:32:20.0166 3216 Appinfo - ok
19:32:20.0286 3216 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:32:20.0301 3216 Apple Mobile Device - ok
19:32:20.0316 3216 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
19:32:20.0334 3216 arc - ok
19:32:20.0370 3216 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:32:20.0389 3216 arcsas - ok
19:32:20.0426 3216 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:32:20.0505 3216 AsyncMac - ok
19:32:20.0560 3216 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
19:32:20.0580 3216 atapi - ok
19:32:20.0636 3216 [ B0C272DEF210B149C0BFA0D85600CE4B ] athr C:\Windows\system32\DRIVERS\athr.sys
19:32:20.0750 3216 athr - ok
19:32:20.0805 3216 [ D045C4FC41EFA6CE74D85CAB4DA75C1F ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
19:32:20.0869 3216 Ati External Event Utility - ok
19:32:20.0989 3216 [ 5439B251AF73E7EFAE4B8771D7116159 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:32:21.0168 3216 atikmdag - ok
19:32:21.0210 3216 [ 4AA1EB65481C392955939E735D27118B ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:32:21.0235 3216 AtiPcie - ok
19:32:21.0272 3216 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:32:21.0324 3216 AudioEndpointBuilder - ok
19:32:21.0350 3216 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:32:21.0386 3216 Audiosrv - ok
19:32:21.0445 3216 [ 7C813EB232C7AEFA627A12A104DDA221 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
19:32:21.0459 3216 Automatic LiveUpdate Scheduler - ok
19:32:21.0549 3216 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
19:32:21.0571 3216 BBSvc - ok
19:32:21.0591 3216 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
19:32:21.0614 3216 BBUpdate - ok
19:32:21.0648 3216 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:32:21.0735 3216 Beep - ok
19:32:21.0783 3216 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll
19:32:21.0844 3216 BFE - ok
19:32:21.0907 3216 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll
19:32:21.0959 3216 BITS - ok
19:32:21.0966 3216 blbdrive - ok
19:32:22.0056 3216 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:32:22.0075 3216 Bonjour Service - ok
19:32:22.0129 3216 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:32:22.0182 3216 bowser - ok
19:32:22.0212 3216 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:32:22.0261 3216 BrFiltLo - ok
19:32:22.0281 3216 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:32:22.0341 3216 BrFiltUp - ok
19:32:22.0376 3216 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:32:22.0441 3216 Browser - ok
19:32:22.0460 3216 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:32:22.0570 3216 Brserid - ok
19:32:22.0590 3216 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:32:22.0667 3216 BrSerWdm - ok
19:32:22.0732 3216 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:32:22.0796 3216 BrUsbMdm - ok
19:32:22.0828 3216 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:32:22.0893 3216 BrUsbSer - ok
19:32:22.0915 3216 [ 064FBC56921051DE1075495D628B815F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:32:22.0957 3216 BthEnum - ok
19:32:22.0974 3216 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:32:23.0041 3216 BTHMODEM - ok
19:32:23.0069 3216 [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:32:23.0156 3216 BthPan - ok
19:32:23.0177 3216 [ B24757D9154CCA035E1BBD3DB92966D7 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:32:23.0211 3216 BTHPORT - ok
19:32:23.0247 3216 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
19:32:23.0304 3216 BthServ - ok
19:32:23.0325 3216 [ D42CF5F0C7635B3F1578810FE34D9E41 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:32:23.0351 3216 BTHUSB - ok
19:32:23.0393 3216 [ 636F45A8500C1438CFA7DEE15FC5C184 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:32:23.0437 3216 btwaudio - ok
19:32:23.0454 3216 [ BF9256FF01B093A5D90BB7A35EC90410 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:32:23.0467 3216 btwavdt - ok
19:32:23.0500 3216 [ 0AB8C1AC177AFB27309E1072FAF34A37 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:32:23.0510 3216 btwrchid - ok
19:32:23.0568 3216 [ 2F237AAB91497AAA03AF48EAE68758FC ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:32:23.0580 3216 ccEvtMgr - ok
19:32:23.0587 3216 [ 2F237AAB91497AAA03AF48EAE68758FC ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:32:23.0599 3216 ccSetMgr - ok
19:32:23.0642 3216 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:32:23.0696 3216 cdfs - ok
19:32:23.0736 3216 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:32:23.0770 3216 cdrom - ok
19:32:23.0800 3216 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
19:32:23.0850 3216 CertPropSvc - ok
19:32:23.0877 3216 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
19:32:23.0962 3216 circlass - ok
19:32:24.0041 3216 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
19:32:24.0065 3216 CLFS - ok
19:32:24.0149 3216 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:32:24.0167 3216 clr_optimization_v2.0.50727_32 - ok
19:32:24.0220 3216 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:32:24.0239 3216 clr_optimization_v4.0.30319_32 - ok
19:32:24.0257 3216 [ 2F237AAB91497AAA03AF48EAE68758FC ] CLTNetCnService C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:32:24.0271 3216 CLTNetCnService - ok
19:32:24.0326 3216 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:32:24.0380 3216 CmBatt - ok
19:32:24.0407 3216 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:32:24.0423 3216 cmdide - ok
19:32:24.0484 3216 [ 6186B6B953BDC884F0F379B84B3E3A98 ] COH_Mon C:\Windows\system32\Drivers\COH_Mon.sys
19:32:24.0496 3216 COH_Mon - ok
19:32:24.0548 3216 [ 75A69CA9998577F8B2BE8695040E5DF4 ] comHost C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
19:32:24.0560 3216 comHost - ok
19:32:24.0607 3216 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:32:24.0628 3216 Compbatt - ok
19:32:24.0638 3216 COMSysApp - ok
19:32:24.0681 3216 [ 73F5D6835BFA66019C03E316D99649DA ] CO_Mon C:\Windows\system32\drivers\CO_Mon.sys
19:32:24.0697 3216 CO_Mon - ok
19:32:24.0706 3216 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:32:24.0727 3216 crcdisk - ok
19:32:24.0743 3216 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:32:24.0848 3216 Crusoe - ok
19:32:24.0900 3216 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:32:24.0976 3216 CryptSvc - ok
19:32:25.0030 3216 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:32:25.0117 3216 DcomLaunch - ok
19:32:25.0177 3216 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:32:25.0227 3216 DfsC - ok
19:32:25.0327 3216 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
19:32:25.0555 3216 DFSR - ok
19:32:25.0607 3216 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:32:25.0683 3216 Dhcp - ok
19:32:25.0748 3216 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
19:32:25.0762 3216 disk - ok
19:32:25.0798 3216 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:32:25.0837 3216 Dnscache - ok
19:32:25.0870 3216 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
19:32:25.0923 3216 dot3svc - ok
19:32:25.0965 3216 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:32:26.0000 3216 DPS - ok
19:32:26.0054 3216 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:32:26.0088 3216 drmkaud - ok
19:32:26.0172 3216 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:32:26.0289 3216 DXGKrnl - ok
19:32:26.0322 3216 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:32:26.0425 3216 E1G60 - ok
19:32:26.0461 3216 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:32:26.0512 3216 EapHost - ok
19:32:26.0568 3216 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:32:26.0586 3216 Ecache - ok
19:32:26.0639 3216 [ 579A6B6135D32B857FAF0E3A974535D8 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
19:32:26.0666 3216 eeCtrl - ok
19:32:26.0725 3216 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:32:26.0761 3216 ehRecvr - ok
19:32:26.0785 3216 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:32:26.0828 3216 ehSched - ok
19:32:26.0836 3216 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:32:26.0870 3216 ehstart - ok
19:32:26.0895 3216 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:32:26.0927 3216 elxstor - ok
19:32:26.0986 3216 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:32:27.0072 3216 EMDMgmt - ok
19:32:27.0127 3216 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
19:32:27.0183 3216 EventSystem - ok
19:32:27.0228 3216 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
19:32:27.0293 3216 exfat - ok
19:32:27.0336 3216 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:32:27.0401 3216 fastfat - ok
19:32:27.0437 3216 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:32:27.0538 3216 fdc - ok
19:32:27.0565 3216 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:32:27.0634 3216 fdPHost - ok
19:32:27.0667 3216 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:32:27.0780 3216 FDResPub - ok
19:32:27.0828 3216 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:32:27.0850 3216 FileInfo - ok
19:32:27.0886 3216 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:32:27.0940 3216 Filetrace - ok
19:32:27.0956 3216 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:32:28.0058 3216 flpydisk - ok
19:32:28.0124 3216 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:32:28.0152 3216 FltMgr - ok
19:32:28.0213 3216 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:32:28.0233 3216 FontCache3.0.0.0 - ok
19:32:28.0252 3216 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:32:28.0310 3216 Fs_Rec - ok
19:32:28.0344 3216 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:32:28.0365 3216 gagp30kx - ok
19:32:28.0400 3216 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:32:28.0416 3216 GEARAspiWDM - ok
19:32:28.0482 3216 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
19:32:28.0572 3216 gpsvc - ok
19:32:28.0646 3216 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:32:28.0668 3216 gupdate - ok
19:32:28.0684 3216 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:32:28.0703 3216 gupdatem - ok
19:32:28.0738 3216 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:32:28.0760 3216 gusvc - ok
19:32:28.0796 3216 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:32:28.0904 3216 HdAudAddService - ok
19:32:28.0951 3216 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:32:29.0022 3216 HDAudBus - ok
19:32:29.0052 3216 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:32:29.0159 3216 HidBth - ok
19:32:29.0188 3216 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:32:29.0294 3216 HidIr - ok
19:32:29.0325 3216 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
19:32:29.0417 3216 hidserv - ok
19:32:29.0460 3216 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:32:29.0533 3216 HidUsb - ok
19:32:29.0569 3216 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:32:29.0637 3216 hkmsvc - ok
19:32:29.0674 3216 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:32:29.0690 3216 HpCISSs - ok
19:32:29.0736 3216 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:32:29.0806 3216 HTTP - ok
19:32:29.0825 3216 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:32:29.0839 3216 i2omp - ok
19:32:29.0880 3216 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:32:29.0924 3216 i8042prt - ok
19:32:29.0959 3216 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:32:29.0979 3216 iaStorV - ok
19:32:30.0061 3216 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:32:30.0097 3216 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:32:30.0097 3216 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:32:30.0179 3216 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:32:30.0257 3216 idsvc - ok
19:32:30.0490 3216 [ F85DC24DAFA76237722FE38B3196C61A ] IDSvix86 C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20120524.001\IDSvix86.sys
19:32:30.0521 3216 IDSvix86 - ok
19:32:30.0557 3216 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:32:30.0582 3216 iirsp - ok
19:32:30.0628 3216 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
19:32:30.0705 3216 IKEEXT - ok
19:32:30.0810 3216 [ 7BD4E0428776D11C8E8E26F9F5508690 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:32:30.0996 3216 IntcAzAudAddService - ok
19:32:31.0012 3216 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
19:32:31.0025 3216 intelide - ok
19:32:31.0095 3216 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:32:31.0152 3216 intelppm - ok
19:32:31.0201 3216 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:32:31.0253 3216 IPBusEnum - ok
19:32:31.0301 3216 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:32:31.0352 3216 IpFilterDriver - ok
19:32:31.0459 3216 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:32:31.0507 3216 iphlpsvc - ok
19:32:31.0516 3216 IpInIp - ok
19:32:31.0557 3216 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:32:31.0647 3216 IPMIDRV - ok
19:32:31.0739 3216 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:32:31.0822 3216 IPNAT - ok
19:32:31.0896 3216 [ 49918803B661367023BF325CF602AFDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:32:31.0932 3216 iPod Service - ok
19:32:31.0980 3216 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:32:32.0021 3216 IRENUM - ok
19:32:32.0114 3216 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:32:32.0141 3216 isapnp - ok
19:32:32.0186 3216 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:32:32.0213 3216 iScsiPrt - ok
19:32:32.0232 3216 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:32:32.0253 3216 iteatapi - ok
19:32:32.0269 3216 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:32:32.0286 3216 iteraid - ok
19:32:32.0335 3216 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:32:32.0348 3216 kbdclass - ok
19:32:32.0363 3216 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:32:32.0436 3216 kbdhid - ok
19:32:32.0471 3216 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
19:32:32.0512 3216 KeyIso - ok
19:32:32.0541 3216 [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys
19:32:32.0579 3216 KMDFMEMIO - ok
19:32:32.0693 3216 [ 27277A11DB52FEFAE5B01DC8FB570B28 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
19:32:32.0711 3216 Kodak AiO Network Discovery Service - ok
19:32:32.0745 3216 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:32:32.0790 3216 KSecDD - ok
19:32:32.0818 3216 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:32:32.0891 3216 KtmRm - ok
19:32:32.0945 3216 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:32:32.0995 3216 LanmanServer - ok
19:32:33.0027 3216 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:32:33.0072 3216 LanmanWorkstation - ok
19:32:33.0207 3216 [ 63ED50A6ED61829C2DEF5B733D258A05 ] LiveUpdate C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
19:32:33.0355 3216 LiveUpdate - ok
19:32:33.0380 3216 [ 2F237AAB91497AAA03AF48EAE68758FC ] LiveUpdate Notice C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19:32:33.0393 3216 LiveUpdate Notice - ok
19:32:33.0431 3216 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:32:33.0488 3216 lltdio - ok
19:32:33.0519 3216 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:32:33.0582 3216 lltdsvc - ok
19:32:33.0631 3216 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:32:33.0726 3216 lmhosts - ok
19:32:33.0758 3216 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:32:33.0780 3216 LSI_FC - ok
19:32:33.0802 3216 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:32:33.0816 3216 LSI_SAS - ok
19:32:33.0836 3216 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:32:33.0850 3216 LSI_SCSI - ok
19:32:33.0902 3216 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:32:33.0936 3216 luafv - ok
19:32:33.0967 3216 [ 9FB982DE1C8DD769F8ED681DD878B12F ] lvpopflt C:\Windows\system32\DRIVERS\lvpopflt.sys
19:32:33.0981 3216 lvpopflt - ok
19:32:34.0019 3216 [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys
19:32:34.0033 3216 LVPr2Mon - ok
19:32:34.0108 3216 [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:32:34.0123 3216 LVPrcSrv - ok
19:32:34.0180 3216 [ 37072EC9299E825F4335CC554B6FAC6A ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
19:32:34.0201 3216 LVRS - ok
19:32:34.0455 3216 [ A240E42A7402E927A71B6E8AA4629B13 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
19:32:34.0958 3216 LVUVC - ok
19:32:35.0060 3216 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:32:35.0073 3216 MBAMProtector - ok
19:32:35.0150 3216 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:32:35.0170 3216 MBAMScheduler - ok
19:32:35.0228 3216 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:32:35.0258 3216 MBAMService - ok
19:32:35.0309 3216 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
19:32:35.0325 3216 McComponentHostService - ok
19:32:35.0370 3216 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:32:35.0395 3216 Mcx2Svc - ok
19:32:35.0429 3216 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
19:32:35.0442 3216 megasas - ok
19:32:35.0463 3216 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:32:35.0515 3216 MMCSS - ok
19:32:35.0546 3216 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:32:35.0596 3216 Modem - ok
19:32:35.0641 3216 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:32:35.0674 3216 monitor - ok
19:32:35.0685 3216 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:32:35.0699 3216 mouclass - ok
19:32:35.0746 3216 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:32:35.0817 3216 mouhid - ok
19:32:35.0854 3216 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:32:35.0868 3216 MountMgr - ok
19:32:35.0888 3216 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
19:32:35.0902 3216 mpio - ok
19:32:35.0939 3216 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:32:35.0966 3216 mpsdrv - ok
19:32:36.0007 3216 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
19:32:36.0079 3216 MpsSvc - ok
19:32:36.0114 3216 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:32:36.0131 3216 Mraid35x - ok
19:32:36.0146 3216 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:32:36.0187 3216 MRxDAV - ok
19:32:36.0256 3216 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:32:36.0299 3216 mrxsmb - ok
19:32:36.0349 3216 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:32:36.0389 3216 mrxsmb10 - ok
19:32:36.0414 3216 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:32:36.0446 3216 mrxsmb20 - ok
19:32:36.0467 3216 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
19:32:36.0483 3216 msahci - ok
19:32:36.0503 3216 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:32:36.0521 3216 msdsm - ok
19:32:36.0554 3216 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:32:36.0599 3216 MSDTC - ok
19:32:36.0644 3216 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:32:36.0697 3216 Msfs - ok
19:32:36.0752 3216 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:32:36.0768 3216 msisadrv - ok
19:32:36.0811 3216 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:32:36.0874 3216 MSiSCSI - ok
19:32:36.0894 3216 msiserver - ok
19:32:36.0925 3216 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:32:36.0974 3216 MSKSSRV - ok
19:32:37.0008 3216 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:32:37.0041 3216 MSPCLOCK - ok
19:32:37.0074 3216 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:32:37.0122 3216 MSPQM - ok
19:32:37.0157 3216 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:32:37.0172 3216 MsRPC - ok
19:32:37.0236 3216 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:32:37.0249 3216 mssmbios - ok
19:32:37.0260 3216 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:32:37.0297 3216 MSTEE - ok
19:32:37.0369 3216 [ 493138C4F4119E938427DA02486F09CB ] MTOnlPktAlyX C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS
19:32:37.0396 3216 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - warning
19:32:37.0396 3216 MTOnlPktAlyX - detected UnsignedFile.Multi.Generic (1)
19:32:37.0434 3216 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
19:32:37.0451 3216 Mup - ok
19:32:37.0492 3216 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
19:32:37.0560 3216 napagent - ok
19:32:37.0606 3216 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:32:37.0643 3216 NativeWifiP - ok
19:32:37.0767 3216 [ F11033730B38260B6892E837C457FB4B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120524.039\NAVENG.SYS
19:32:37.0780 3216 NAVENG - ok
19:32:37.0844 3216 [ 4E4E7C0259D3BB97DE24A636C0E06ABA ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120524.039\NAVEX15.SYS
19:32:37.0935 3216 NAVEX15 - ok
19:32:37.0988 3216 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:32:38.0040 3216 NDIS - ok
19:32:38.0083 3216 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:32:38.0140 3216 NdisTapi - ok
19:32:38.0177 3216 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:32:38.0232 3216 Ndisuio - ok
19:32:38.0277 3216 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:32:38.0333 3216 NdisWan - ok
19:32:38.0378 3216 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:32:38.0422 3216 NDProxy - ok
19:32:38.0502 3216 [ D660376BD52DF3D33390ACAE9FA1A54C ] NeroMediaHomeService.4 C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
19:32:38.0523 3216 NeroMediaHomeService.4 - ok
19:32:38.0544 3216 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:32:38.0588 3216 NetBIOS - ok
19:32:38.0642 3216 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:32:38.0693 3216 netbt - ok
19:32:38.0716 3216 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
19:32:38.0736 3216 Netlogon - ok
19:32:38.0778 3216 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:32:38.0826 3216 Netman - ok
19:32:38.0870 3216 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:32:38.0914 3216 netprofm - ok
19:32:38.0947 3216 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:32:38.0965 3216 NetTcpPortSharing - ok
19:32:39.0086 3216 [ 6E9EDC1020B319E7676387B8CDF2398C ] NETw2v32 C:\Windows\system32\DRIVERS\NETw2v32.sys
19:32:39.0349 3216 NETw2v32 - ok
19:32:39.0379 3216 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:32:39.0401 3216 nfrd960 - ok
19:32:39.0437 3216 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:32:39.0518 3216 NlaSvc - ok
19:32:39.0569 3216 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:32:39.0635 3216 Npfs - ok
19:32:39.0673 3216 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:32:39.0740 3216 nsi - ok
19:32:39.0776 3216 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:32:39.0829 3216 nsiproxy - ok
19:32:39.0896 3216 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:32:39.0970 3216 Ntfs - ok
19:32:40.0020 3216 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:32:40.0096 3216 ntrigdigi - ok
19:32:40.0137 3216 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:32:40.0171 3216 Null - ok
19:32:40.0185 3216 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:32:40.0200 3216 nvraid - ok
19:32:40.0220 3216 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:32:40.0233 3216 nvstor - ok
19:32:40.0252 3216 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:32:40.0267 3216 nv_agp - ok
19:32:40.0273 3216 NwlnkFlt - ok
19:32:40.0281 3216 NwlnkFwd - ok
19:32:40.0376 3216 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:32:40.0406 3216 odserv - ok
19:32:40.0431 3216 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:32:40.0501 3216 ohci1394 - ok
19:32:40.0519 3216 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:32:40.0537 3216 ose - ok
19:32:40.0605 3216 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:32:40.0708 3216 p2pimsvc - ok
19:32:40.0773 3216 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
19:32:40.0822 3216 p2psvc - ok
19:32:40.0881 3216 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:32:40.0982 3216 Parport - ok
19:32:41.0025 3216 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:32:41.0039 3216 partmgr - ok
19:32:41.0054 3216 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:32:41.0110 3216 Parvdm - ok
19:32:41.0148 3216 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:32:41.0182 3216 PcaSvc - ok
19:32:41.0222 3216 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
19:32:41.0237 3216 pci - ok
19:32:41.0253 3216 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
19:32:41.0266 3216 pciide - ok
19:32:41.0283 3216 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:32:41.0300 3216 pcmcia - ok
19:32:41.0343 3216 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:32:41.0470 3216 PEAUTH - ok
19:32:41.0551 3216 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:32:41.0714 3216 pla - ok
19:32:41.0759 3216 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:32:41.0808 3216 PlugPlay - ok
19:32:41.0849 3216 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:32:41.0893 3216 PNRPAutoReg - ok
19:32:41.0939 3216 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:32:41.0988 3216 PNRPsvc - ok
19:32:42.0041 3216 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:32:42.0106 3216 PolicyAgent - ok
19:32:42.0133 3216 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:32:42.0187 3216 PptpMiniport - ok
19:32:42.0223 3216 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
19:32:42.0328 3216 Processor - ok
19:32:42.0354 3216 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
19:32:42.0433 3216 ProfSvc - ok
19:32:42.0450 3216 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:32:42.0481 3216 ProtectedStorage - ok
19:32:42.0532 3216 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:32:42.0576 3216 PSched - ok
19:32:42.0630 3216 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:32:42.0720 3216 ql2300 - ok
19:32:42.0736 3216 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:32:42.0751 3216 ql40xx - ok
19:32:42.0791 3216 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:32:42.0829 3216 QWAVE - ok
19:32:42.0865 3216 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:32:42.0901 3216 QWAVEdrv - ok
19:32:43.0010 3216 [ 5439B251AF73E7EFAE4B8771D7116159 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
19:32:43.0146 3216 R300 - ok
19:32:43.0187 3216 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:32:43.0223 3216 RasAcd - ok
19:32:43.0259 3216 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:32:43.0386 3216 RasAuto - ok
19:32:43.0445 3216 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:32:43.0496 3216 Rasl2tp - ok
19:32:43.0519 3216 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
19:32:43.0567 3216 RasMan - ok
19:32:43.0605 3216 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:32:43.0638 3216 RasPppoe - ok
19:32:43.0670 3216 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:32:43.0714 3216 RasSstp - ok
19:32:43.0743 3216 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:32:43.0782 3216 rdbss - ok
19:32:43.0827 3216 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:32:43.0877 3216 RDPCDD - ok
19:32:43.0915 3216 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:32:43.0988 3216 rdpdr - ok
19:32:43.0996 3216 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:32:44.0064 3216 RDPENCDD - ok
19:32:44.0113 3216 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:32:44.0167 3216 RDPWD - ok
19:32:44.0211 3216 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:32:44.0248 3216 RemoteAccess - ok
19:32:44.0285 3216 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:32:44.0337 3216 RemoteRegistry - ok
19:32:44.0379 3216 [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:32:44.0435 3216 RFCOMM - ok
19:32:44.0529 3216 [ 2AF094B1CE4725E4551F38FDA2348637 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
19:32:44.0552 3216 RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:32:44.0552 3216 RichVideo - detected UnsignedFile.Multi.Generic (1)
19:32:44.0559 3216 RimUsb - ok
19:32:44.0601 3216 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
19:32:44.0625 3216 RimVSerPort - ok
19:32:44.0648 3216 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
19:32:44.0688 3216 ROOTMODEM - ok
19:32:44.0781 3216 RoxLiveShare9 - ok
19:32:44.0827 3216 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:32:44.0895 3216 RpcLocator - ok
19:32:44.0930 3216 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
19:32:44.0966 3216 RpcSs - ok
19:32:44.0995 3216 [ FCEAE318066198C162D2176EC2975ACE ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
19:32:45.0027 3216 RRNetCap - ok
19:32:45.0033 3216 [ FCEAE318066198C162D2176EC2975ACE ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
19:32:45.0051 3216 RRNetCapMP - ok
19:32:45.0104 3216 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:32:45.0145 3216 rspndr - ok
19:32:45.0182 3216 [ 959EF612D2CCFDB6D9E443F8E3655013 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
19:32:45.0257 3216 RTL8023xp - ok
19:32:45.0284 3216 [ 0266151DE3F36429F6AC3C4B28085061 ] s217bus C:\Windows\system32\DRIVERS\s217bus.sys
19:32:45.0297 3216 s217bus - ok
19:32:45.0314 3216 [ A43C0AF0E46BE7EF0C7E8CCF0F058600 ] s217mdfl C:\Windows\system32\DRIVERS\s217mdfl.sys
19:32:45.0324 3216 s217mdfl - ok
19:32:45.0342 3216 [ 005F5DED1ED8F8A9D2399D765EAD20F1 ] s217mdm C:\Windows\system32\DRIVERS\s217mdm.sys
19:32:45.0355 3216 s217mdm - ok
19:32:45.0377 3216 [ DE9562AD0C91E1857D11F65A91EE1A47 ] s217mgmt C:\Windows\system32\DRIVERS\s217mgmt.sys
19:32:45.0389 3216 s217mgmt - ok
19:32:45.0406 3216 [ 11CC5D7F992799E7E75D018E9C018563 ] s217nd5 C:\Windows\system32\DRIVERS\s217nd5.sys
19:32:45.0416 3216 s217nd5 - ok
19:32:45.0437 3216 [ 0F9F4045799AFB66B85EEF999D0609EC ] s217obex C:\Windows\system32\DRIVERS\s217obex.sys
19:32:45.0450 3216 s217obex - ok
19:32:45.0465 3216 [ 1C91E1023F07B6407D84B5A43537D984 ] s217unic C:\Windows\system32\DRIVERS\s217unic.sys
19:32:45.0478 3216 s217unic - ok
19:32:45.0494 3216 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
19:32:45.0513 3216 SamSs - ok
19:32:45.0566 3216 [ 4BFB51CDB25D4D4B9E8FCCAB635F262E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
19:32:45.0574 3216 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
19:32:45.0574 3216 Samsung Update Plus - detected UnsignedFile.Multi.Generic (1)
19:32:45.0598 3216 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:32:45.0616 3216 sbp2port - ok
19:32:45.0656 3216 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:32:45.0701 3216 SCardSvr - ok
19:32:45.0780 3216 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
19:32:45.0874 3216 Schedule - ok
19:32:45.0913 3216 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
19:32:45.0953 3216 SCPolicySvc - ok
19:32:45.0981 3216 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:32:46.0063 3216 sdbus - ok
19:32:46.0085 3216 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:32:46.0135 3216 SDRSVC - ok
19:32:46.0149 3216 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:32:46.0217 3216 secdrv - ok
19:32:46.0254 3216 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:32:46.0304 3216 seclogon - ok
19:32:46.0322 3216 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
19:32:46.0366 3216 SENS - ok
19:32:46.0379 3216 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:32:46.0433 3216 Serenum - ok
19:32:46.0446 3216 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:32:46.0503 3216 Serial - ok
19:32:46.0522 3216 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:32:46.0557 3216 sermouse - ok
19:32:46.0622 3216 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:32:46.0659 3216 SessionEnv - ok
19:32:46.0683 3216 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:32:46.0753 3216 sffdisk - ok
19:32:46.0775 3216 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:32:46.0832 3216 sffp_mmc - ok
19:32:46.0851 3216 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:32:46.0919 3216 sffp_sd - ok
19:32:46.0944 3216 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:32:46.0999 3216 sfloppy - ok
19:32:47.0049 3216 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:32:47.0098 3216 SharedAccess - ok
19:32:47.0153 3216 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:32:47.0230 3216 ShellHWDetection - ok
19:32:47.0246 3216 SipIMNDI - ok
19:32:47.0268 3216 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:32:47.0285 3216 sisagp - ok
19:32:47.0318 3216 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:32:47.0334 3216 SiSRaid2 - ok
19:32:47.0354 3216 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:32:47.0371 3216 SiSRaid4 - ok
19:32:47.0530 3216 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:32:47.0700 3216 Skype C2C Service - ok
19:32:47.0733 3216 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:32:47.0753 3216 SkypeUpdate - ok
19:32:47.0895 3216 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
19:32:48.0086 3216 slsvc - ok
19:32:48.0132 3216 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:32:48.0168 3216 SLUINotify - ok
19:32:48.0182 3216 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:32:48.0224 3216 Smb - ok
19:32:48.0261 3216 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:32:48.0281 3216 SNMPTRAP - ok
19:32:48.0355 3216 [ DC4DC886D3779C446F9B0E9D6B006E72 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
19:32:48.0396 3216 SPBBCDrv - ok
19:32:48.0414 3216 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:32:48.0431 3216 spldr - ok
19:32:48.0477 3216 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
19:32:48.0521 3216 Spooler - ok
19:32:48.0566 3216 [ 9263C8898732E2B890F7E954E7729AB7 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:32:48.0582 3216 SQLWriter - ok
19:32:48.0633 3216 [ 655773F2F1A3730C6CF20280A49F4EE1 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
19:32:48.0654 3216 SRTSP - ok
19:32:48.0675 3216 [ 2A0AAF370D4C6574A34AE2F4A0709CAE ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
19:32:48.0697 3216 SRTSPL - ok
19:32:48.0714 3216 [ 3104BDCEACE2D5710776DD05E6A286C1 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
19:32:48.0727 3216 SRTSPX - ok
19:32:48.0773 3216 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:32:48.0825 3216 srv - ok
19:32:48.0873 3216 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:32:48.0939 3216 srv2 - ok
19:32:48.0957 3216 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:32:48.0998 3216 srvnet - ok
19:32:49.0044 3216 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:32:49.0111 3216 SSDPSRV - ok
19:32:49.0154 3216 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:32:49.0204 3216 SstpSvc - ok
19:32:49.0235 3216 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
19:32:49.0281 3216 stisvc - ok
19:32:49.0297 3216 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:32:49.0321 3216 swenum - ok
19:32:49.0386 3216 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
19:32:49.0443 3216 swprv - ok
19:32:49.0552 3216 [ FA2F6A8849219B16460BF44F9D1F3AA7 ] Symantec Core LC C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
19:32:49.0598 3216 Symantec Core LC - ok
19:32:49.0652 3216 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:32:49.0665 3216 Symc8xx - ok
19:32:49.0715 3216 [ FE9F8B3A8BC22D85332B42E92308DDF9 ] SYMDNS C:\Windows\System32\Drivers\SYMDNS.SYS
19:32:49.0746 3216 SYMDNS - ok
19:32:49.0771 3216 [ 06B95820DF51502099A8A15C93E87986 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
19:32:49.0785 3216 SymEvent - ok
19:32:49.0802 3216 [ A0EA9D273889E53CFAABF2444692CCBF ] SYMFW C:\Windows\System32\Drivers\SYMFW.SYS
19:32:49.0817 3216 SYMFW - ok
19:32:49.0879 3216 [ 8EAB28DD6CD25355B951AE460FA86B48 ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
19:32:49.0916 3216 SymIM - ok
19:32:49.0923 3216 SymIMMP - ok
19:32:49.0961 3216 [ C94EACA4B522012EE0691F1E79C42A7D ] SYMNDISV C:\Windows\System32\Drivers\SYMNDISV.SYS
19:32:49.0985 3216 SYMNDISV - ok
19:32:50.0006 3216 [ 7C6505EA598E58099D3B7E1F70426864 ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
19:32:50.0019 3216 SYMREDRV - ok
19:32:50.0063 3216 [ E6FF7ACE71D07CA90119F2C6AB592BA4 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
19:32:50.0081 3216 SYMTDI - ok
19:32:50.0109 3216 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:32:50.0132 3216 Sym_hi - ok
19:32:50.0153 3216 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:32:50.0169 3216 Sym_u3 - ok
19:32:50.0195 3216 [ C1777074592BBB55B1F1A2FBC7A60498 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:32:50.0214 3216 SynTP - ok
19:32:50.0271 3216 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
19:32:50.0352 3216 SysMain - ok
19:32:50.0392 3216 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:32:50.0433 3216 TabletInputService - ok
19:32:50.0478 3216 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:32:50.0538 3216 TapiSrv - ok
19:32:50.0580 3216 [ 77BD6143C6DCE0A1BF7B5571BED860DC ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
19:32:50.0593 3216 tbhsd - ok
19:32:50.0633 3216 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:32:50.0682 3216 TBS - ok
19:32:50.0783 3216 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:32:50.0854 3216 Tcpip - ok
19:32:50.0917 3216 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:32:50.0991 3216 Tcpip6 - ok
19:32:51.0010 3216 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:32:51.0050 3216 tcpipreg - ok
19:32:51.0114 3216 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:32:51.0152 3216 TDPIPE - ok
19:32:51.0205 3216 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:32:51.0251 3216 TDTCP - ok
19:32:51.0292 3216 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:32:51.0344 3216 tdx - ok
19:32:51.0369 3216 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:32:51.0384 3216 TermDD - ok
19:32:51.0501 3216 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
19:32:51.0614 3216 TermService - ok
19:32:51.0652 3216 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
19:32:51.0682 3216 Themes - ok
19:32:51.0764 3216 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:32:51.0815 3216 THREADORDER - ok
19:32:51.0855 3216 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:32:51.0917 3216 TrkWks - ok
19:32:51.0979 3216 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:32:52.0033 3216 TrustedInstaller - ok
19:32:52.0074 3216 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:32:52.0127 3216 tssecsrv - ok
19:32:52.0160 3216 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:32:52.0188 3216 tunmp - ok
19:32:52.0200 3216 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:32:52.0222 3216 tunnel - ok
19:32:52.0253 3216 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:32:52.0270 3216 uagp35 - ok
19:32:52.0319 3216 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:32:52.0357 3216 udfs - ok
19:32:52.0409 3216 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:32:52.0444 3216 UI0Detect - ok
19:32:52.0469 3216 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:32:52.0483 3216 uliagpkx - ok
19:32:52.0511 3216 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:32:52.0530 3216 uliahci - ok
19:32:52.0564 3216 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:32:52.0579 3216 UlSata - ok
19:32:52.0594 3216 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:32:52.0610 3216 ulsata2 - ok
19:32:52.0653 3216 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:32:52.0686 3216 umbus - ok
19:32:52.0785 3216 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:32:52.0846 3216 upnphost - ok
19:32:52.0896 3216 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:32:52.0925 3216 USBAAPL - ok
19:32:52.0976 3216 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:32:53.0018 3216 usbaudio - ok
19:32:53.0037 3216 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:32:53.0073 3216 usbccgp - ok
19:32:53.0094 3216 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:32:53.0167 3216 usbcir - ok
19:32:53.0205 3216 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:32:53.0260 3216 usbehci - ok
19:32:53.0289 3216 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:32:53.0327 3216 usbhub - ok
19:32:53.0349 3216 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:32:53.0382 3216 usbohci - ok
19:32:53.0427 3216 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:32:53.0474 3216 usbprint - ok
19:32:53.0518 3216 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:32:53.0567 3216 usbscan - ok
19:32:53.0618 3216 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:32:53.0657 3216 USBSTOR - ok
19:32:53.0673 3216 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:32:53.0746 3216 usbuhci - ok
19:32:53.0782 3216 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:32:53.0851 3216 usbvideo - ok
19:32:53.0888 3216 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
19:32:53.0939 3216 UxSms - ok
19:32:53.0983 3216 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
19:32:54.0057 3216 vds - ok
19:32:54.0098 3216 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:32:54.0166 3216 vga - ok
19:32:54.0203 3216 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:32:54.0256 3216 VgaSave - ok
19:32:54.0279 3216 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:32:54.0296 3216 viaagp - ok
19:32:54.0319 3216 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:32:54.0402 3216 ViaC7 - ok
19:32:54.0432 3216 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
19:32:54.0447 3216 viaide - ok
19:32:54.0463 3216 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:32:54.0480 3216 volmgr - ok
19:32:54.0534 3216 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:32:54.0559 3216 volmgrx - ok
19:32:54.0589 3216 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:32:54.0620 3216 volsnap - ok
19:32:54.0670 3216 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:32:54.0694 3216 vsmraid - ok
19:32:54.0773 3216 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
19:32:54.0932 3216 VSS - ok
19:32:54.0965 3216 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
19:32:55.0045 3216 W32Time - ok
19:32:55.0084 3216 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:32:55.0174 3216 WacomPen - ok
19:32:55.0210 3216 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:32:55.0251 3216 Wanarp - ok
19:32:55.0256 3216 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:32:55.0284 3216 Wanarpv6 - ok
19:32:55.0315 3216 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:32:55.0361 3216 wcncsvc - ok
19:32:55.0384 3216 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:32:55.0428 3216 WcsPlugInService - ok
19:32:55.0450 3216 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
19:32:55.0464 3216 Wd - ok
19:32:55.0494 3216 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:32:55.0537 3216 Wdf01000 - ok
19:32:55.0579 3216 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:32:55.0638 3216 WdiServiceHost - ok
19:32:55.0645 3216 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:32:55.0689 3216 WdiSystemHost - ok
19:32:55.0710 3216 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
19:32:55.0738 3216 WebClient - ok
19:32:55.0784 3216 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:32:55.0847 3216 Wecsvc - ok
19:32:55.0883 3216 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:32:55.0920 3216 wercplsupport - ok
19:32:55.0958 3216 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
19:32:55.0996 3216 WerSvc - ok
19:32:56.0063 3216 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:32:56.0094 3216 WinDefend - ok
19:32:56.0104 3216 WinHttpAutoProxySvc - ok
19:32:56.0171 3216 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:32:56.0244 3216 Winmgmt - ok
19:32:56.0328 3216 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:32:56.0478 3216 WinRM - ok
19:32:56.0558 3216 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:32:56.0647 3216 Wlansvc - ok
19:32:56.0677 3216 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:32:56.0766 3216 WmiAcpi - ok
19:32:56.0806 3216 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:32:56.0842 3216 wmiApSrv - ok
19:32:56.0927 3216 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:32:57.0021 3216 WMPNetworkSvc - ok
19:32:57.0062 3216 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:32:57.0093 3216 WPCSvc - ok
19:32:57.0124 3216 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:32:57.0144 3216 WPDBusEnum - ok
19:32:57.0179 3216 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:32:57.0233 3216 WpdUsb - ok
19:32:57.0346 3216 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:32:57.0414 3216 WPFFontCache_v0400 - ok
19:32:57.0450 3216 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:32:57.0504 3216 ws2ifsl - ok
19:32:57.0543 3216 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\System32\wscsvc.dll
19:32:57.0593 3216 wscsvc - ok
19:32:57.0604 3216 WSearch - ok
19:32:57.0716 3216 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
19:32:57.0822 3216 wuauserv - ok
19:32:57.0857 3216 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:32:57.0901 3216 WUDFRd - ok
19:32:57.0938 3216 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:32:57.0974 3216 wudfsvc - ok
19:32:58.0014 3216 [ ADE7A4943003020216952B56A6741EC7 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
19:32:58.0060 3216 yukonwlh - ok
19:32:58.0071 3216 ================ Scan global ===============================
19:32:58.0146 3216 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:32:58.0187 3216 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
19:32:58.0231 3216 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
19:32:58.0277 3216 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
19:32:58.0283 3216 [Global] - ok
19:32:58.0283 3216 ================ Scan MBR ==================================
19:32:58.0295 3216 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
19:32:59.0218 3216 \Device\Harddisk0\DR0 - ok
19:32:59.0218 3216 ================ Scan VBR ==================================
19:32:59.0253 3216 [ A1E20959446CE325749A621106FA7247 ] \Device\Harddisk0\DR0\Partition1
19:32:59.0281 3216 \Device\Harddisk0\DR0\Partition1 - ok
19:32:59.0322 3216 [ 9EB5B3DF4438C02B99FED91486368398 ] \Device\Harddisk0\DR0\Partition2
19:32:59.0325 3216 \Device\Harddisk0\DR0\Partition2 - ok
19:32:59.0325 3216 ============================================================
19:32:59.0325 3216 Scan finished
19:32:59.0325 3216 ============================================================
19:32:59.0349 5900 Detected object count: 5
19:32:59.0349 5900 Actual detected object count: 5
19:33:58.0594 5900 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - copied to quarantine
19:33:58.0594 5900 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:33:58.0673 5900 C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe - copied to quarantine
19:33:58.0673 5900 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:33:58.0692 5900 C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS - copied to quarantine
19:33:58.0692 5900 MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:33:58.0719 5900 C:\Program Files\CyberLink\Shared Files\RichVideo.exe - copied to quarantine
19:33:58.0719 5900 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:33:58.0744 5900 C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe - copied to quarantine
19:33:58.0744 5900 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:36:16.0340 3424 Deinitialize success
Habe wie üblich mit rechter Maustaste als Administrator gestartet. Hoffe es passt so! Viele Grüße Sandi |
|
20.09.2012, 10:46
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer gesperrt, BundespolizeiZitat:
 Ich hab extra in fetter blauer Schrift etwas aus etwas wichtiges hingewiesen 
__________________ |
|
20.09.2012, 12:53
| #19 |
| | Computer gesperrt, Bundespolizei Hallo Cosinus, tut mir Leid die Funktion Skip habe ich nicht verstanden, und da auch bei Malewarebytes bereits Dateien in der Quarantäne sind und nicht gelöscht wurde, dachte ich hier wäre es genau so! Was kann ich nun machen? |
|
20.09.2012, 15:14
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer gesperrt, Bundespolizei So erstmal garnichts, beim TDSS-Killer ist mir eine Funktion bekannt, mit der man auf Knopfdruck gelöschte Elemente so in den Ursprungszustand zurückversetzen kann Ja es ist richtig, dass du bei Malwarebytes in die Q schicken sollst, aber bei sonst KEINEM anderen Tool! Deswegen wurde das extra fett und blau hervorgehoben aber die besten Anleitungen bringen nichts, wenn sie nicht gelesen werden!  Edit: Du hast offensichtlich NICHTS entfernt, sondern nur alls in die Q kopiert, dann sollte alles ok sein. Ich hab mich in deinem Fall ohne Grund aufgeregt  Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten Geändert von cosinus (20.09.2012 um 15:41 Uhr) |
|
20.09.2012, 22:10
| #21 |
| | Computer gesperrt, Bundespolizei Hallo, hier die Logdatei des ComboFix: Code:
ATTFilter Combofix Logfile: |
|
21.09.2012, 14:48
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer gesperrt, Bundespolizei Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.09.2012, 12:39
| #23 |
| | Computer gesperrt, Bundespolizei Hallo, hier erst mal die GMER-Logdatei: Code:
ATTFilter GMER Logfile: Hallo, hier die OSAM Logdatei und die aswMBR.txt. Hoffe es passt so! [code] OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:30:12 on 22.09.2012 OS: Windows Vista Home Premium Edition Service Pack 1 (Build 6001), 32-bit Default Browser: Google Inc. Google Chrome 21.0.1180.89 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Norton Internet Security Online - Systemprüfung ausführen - Sandra.job" - "Symantec Corporation" - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "BlackBerry-Smartphone" (RimUsb) - ? - C:\Windows\System32\Drivers\RimUsb.sys (File not found) "catchme" (catchme) - ? - C:\Users\Sandra\AppData\Local\Temp\catchme.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "kwdiqpob" (kwdiqpob) - ? - C:\Users\Sandra\AppData\Local\Temp\kwdiqpob.sys (Hidden registry entry, rootkit activity | File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "MTOnlPktAlyX NDIS Protocol Driver" (MTOnlPktAlyX) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS "NAVENG" (NAVENG) - "Symantec Corporation" - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120524.039\NAVENG.SYS "NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20120524.039\NAVEX15.SYS "SPBBCDrv" (SPBBCDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys "SRTSP" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\SRTSP.SYS "SRTSPL" (SRTSPL) - "Symantec Corporation" - C:\Windows\System32\Drivers\SRTSPL.SYS "SRTSPX" (SRTSPX) - "Symantec Corporation" - C:\Windows\System32\Drivers\SRTSPX.SYS "Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys "Symantec Intrusion Prevention Driver" (IDSvix86) - "Symantec Corporation" - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20120524.001\IDSvix86.sys "SYMDNS" (SYMDNS) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMDNS.SYS "SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS "SYMFW" (SYMFW) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMFW.SYS "SymIMMP" (SymIMMP) - ? - C:\Windows\System32\DRIVERS\SymIM.sys (File not found) "SYMNDISV" (SYMNDISV) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMNDISV.SYS "SYMREDRV" (SYMREDRV) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMREDRV.SYS "SYMTDI" (SYMTDI) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMTDI.SYS "T-Online Dialerschutz VoIP Service" (SipIMNDI) - ? - C:\Windows\System32\DRIVERS\SipIMNDI.sys (File not found) [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} "PixiePack Codec Pack 1.1.1200.0" - ? - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll (File found, but it contains no detailed information) {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll (File found, but it contains no detailed information) {5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll (File found, but it contains no detailed information) {327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll (File found, but it contains no detailed information) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {5BD933E7-F18F-4D3B-A16B-B1A40B04764E} "KodakPrintShellExtensionNative" - "Eastman Kodak Company" - C:\Program Files\Kodak\AiO\Center\Inkjet.ShellExtension.Native_Win32.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "Norton-Symbolleiste anzeigen" - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll <binary data> "{855F3B16-6D32-4FE6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll "ICQ6" - "ICQ, LLC." - C:\Program Files\ICQ6.5\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton-Symbolleiste anzeigen" - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll {4E52A6BF-3F10-45E7-A6D8-93E4890ADFA9} "CouponAlerterBHO Class" - ? - C:\Program Files\GuteGutscheine\1.0.0.11\CouponAlerter.dll (File not found) {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Symantec Intrusion Prevention" - "Symantec Corporation" - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}" - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "PMB Medien-Prüfung.lnk" - "Sony Corporation" - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "Adobe Reader - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (Shortcut exists | File exists) "Tevion Scanner Finder.lnk" - ? - C:\Program Files\Tevion\ScanWizard 5\ScannerFinder.exe (Shortcut exists | File exists) "BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Device Detection" - ? - C:\Program Files\LIDL Fotoservice\dd.exe "InfoCockpit" - "Deutsche Telekom AG, T-Com" - C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash "ISUSPM" - "Macrovision Corporation" - "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler "Logitech Vid" - "Logitech Inc." - "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode "Nero MediaHome 4" - "Nero AG" - "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN "Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun "Sony PC Companion" - "Sony" - "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background "swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "T-Online_Software_6\WLAN-Access Finder" - "Deutsche Telekom AG, Marmiko IT-Solutions GmbH" - C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe /StartMinimized -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe Photo Downloader" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "ccApp" - "Symantec Corporation" - "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "LanguageShortcut" - ? - "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" "LogitechQuickCamRibbon" - "Logitech Inc." - "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide "Nero MediaHome 4" - "Nero AG" - "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "RemoteControl" - "Cyberlink Corp." - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" "StartCCC" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (File found, but it contains no detailed information) "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Automatisches LiveUpdate - Scheduler" (Automatic LiveUpdate Scheduler) - "Symantec Corporation" - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe "BBUpdate" (BBUpdate) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe "BingBar Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe "COM Host" (comHost) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "Kodak AiO Network Discovery Service" (Kodak AiO Network Discovery Service) - "Eastman Kodak Company" - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe "LiveShare P2P Server 9" (RoxLiveShare9) - ? - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" (File not found) "LiveUpdate" (LiveUpdate) - "Symantec Corporation" - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE "LiveUpdate Notice" (LiveUpdate Notice) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Nero MediaHome 4 Service" (NeroMediaHomeService.4) - "Nero AG" - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe "Samsung Update Plus" (Samsung Update Plus) - ? - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe (File found, but it contains no detailed information) "Skype C2C Service" (Skype C2C Service) - "Skype Technologies S.A." - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe "SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe "Symantec Core LC" (Symantec Core LC) - ? - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe "Symantec Event Manager" (ccEvtMgr) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe "Symantec Lic NetConnect service" (CLTNetCnService) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe "Symantec Settings Manager" (ccSetMgr) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-22 14:36:37
-----------------------------
14:36:37.837 OS Version: Windows 6.0.6001 Service Pack 1
14:36:37.837 Number of processors: 2 586 0xF0D
14:36:37.839 ComputerName: SANDRA-PC UserName: Sandra
14:36:39.185 Initialize success
14:41:21.381 AVAST engine defs: 12092100
14:43:27.362 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:43:27.365 Disk 0 Vendor: FUJITSU_MHY2200BH 0000000B Size: 190782MB BusType: 3
14:43:27.786 Disk 0 MBR read successfully
14:43:27.789 Disk 0 MBR scan
14:43:27.796 Disk 0 unknown MBR code
14:43:27.893 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
14:43:27.996 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 90429 MB offset 20973568
14:43:28.111 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 90111 MB offset 206172160
14:43:28.371 Disk 0 scanning sectors +390719488
14:43:29.083 Disk 0 scanning C:\Windows\system32\drivers
14:44:52.696 Service scanning
14:45:28.644 Modules scanning
14:46:59.998 Disk 0 trace - called modules:
14:47:00.117 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
14:47:00.122 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x857dcac8]
14:47:00.127 3 CLASSPNP.SYS[8b449745] -> nt!IofCallDriver -> [0x85667a48]
14:47:00.133 5 acpi.sys[8ae336a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8566c5e8]
14:47:01.105 AVAST engine scan C:\Windows
14:48:16.665 AVAST engine scan C:\Windows\system32
14:59:08.812 AVAST engine scan C:\Windows\system32\drivers
14:59:29.763 AVAST engine scan C:\Users\Sandra
15:39:13.210 AVAST engine scan C:\ProgramData
15:53:30.814 Scan finished successfully
19:12:42.998 Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Pictures\Desktop\Malwareangriff\MBR.dat"
19:12:43.005 The log file has been saved successfully to "C:\Users\Sandra\Pictures\Desktop\Malwareangriff\aswMBR.txt"
Viele Grüße Sandi |
|
24.09.2012, 12:46
| #24 |
| | Computer gesperrt, Bundespolizei Hallo Cosinus, was soll ich als nächstes tun? Bitte um Hilfe! |
|
24.09.2012, 18:49
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer gesperrt, Bundespolizei Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht. Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar. Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm! Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.09.2012, 08:26
| #26 |
| | Computer gesperrt, Bundespolizei Hallo Cosinus, kann ich alle wichtigen Daten einfach auf eine externe Platte ziehen. Muss ich die Daten vorher säubern? Habe zur Zeit ja keinen funktionsfähigen Virenscanner? Hallo, habe in aswMBR FixMBR ausgeführt. Ich habe nicht erkennen können ob es funktioniert hat, Deswegen hier die Logdatei kurz nach dem ausführen des FixMBR: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-25 12:24:08
-----------------------------
12:24:08.037 OS Version: Windows 6.0.6001 Service Pack 1
12:24:08.037 Number of processors: 2 586 0xF0D
12:24:08.041 ComputerName: SANDRA-PC UserName: Sandra
12:24:28.273 Initialize success
12:35:41.492 AVAST engine defs: 12092500
12:44:07.559 Verifying
12:44:17.586 Disk 0 Windows 600 MBR fixed successfully
12:46:26.182 Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Pictures\Desktop\Malwareangriff\MBR.dat"
12:46:26.185 The log file has been saved successfully to "C:\Users\Sandra\Pictures\Desktop\Malwareangriff\aswMBRnachFixMBR.txt"
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-25 12:56:12
-----------------------------
12:56:12.037 OS Version: Windows 6.0.6001 Service Pack 1
12:56:12.037 Number of processors: 2 586 0xF0D
12:56:12.040 ComputerName: SANDRA-PC UserName: Sandra
12:56:30.808 Initialize success
12:56:47.461 AVAST engine defs: 12092500
12:57:17.244 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:57:17.247 Disk 0 Vendor: FUJITSU_MHY2200BH 0000000B Size: 190782MB BusType: 3
12:57:17.273 Disk 0 MBR read successfully
12:57:17.277 Disk 0 MBR scan
12:57:17.285 Disk 0 Windows VISTA default MBR code
12:57:17.293 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
12:57:17.318 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 90429 MB offset 20973568
12:57:17.344 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 90111 MB offset 206172160
12:57:17.356 Disk 0 scanning sectors +390719488
12:57:17.440 Disk 0 scanning C:\Windows\system32\drivers
12:57:33.672 Service scanning
12:58:13.577 Modules scanning
12:58:31.899 Disk 0 trace - called modules:
12:58:31.921 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
12:58:31.927 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86476ac8]
12:58:31.932 3 CLASSPNP.SYS[8b849745] -> nt!IofCallDriver -> [0x85a67a48]
12:58:31.937 5 acpi.sys[8b2336a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85a70ba0]
12:58:32.627 AVAST engine scan C:\Windows
12:58:36.422 AVAST engine scan C:\Windows\system32
13:03:09.976 AVAST engine scan C:\Windows\system32\drivers
13:03:29.560 AVAST engine scan C:\Users\Sandra
13:29:25.464 AVAST engine scan C:\ProgramData
13:38:41.494 Scan finished successfully
13:39:33.404 Disk 0 MBR has been saved successfully to "C:\Users\Sandra\Pictures\Desktop\Malwareangriff\MBR.dat"
13:39:33.411 The log file has been saved successfully to "C:\Users\Sandra\Pictures\Desktop\Malwareangriff\aswMBR25_09_2012.txt"
Irgendetwas hat sich verstellt, den jetzt meldet sich immer die Benutzerkontensteuerung. Unter Systemsteuerung ist aber kein Haken drin! Ich müsste eine dringende Onlineüberweisung tätigen. Ist das jetzt schon wieder ohne Gefahr möglich? Viele Grüße Sandi |
|
25.09.2012, 12:53
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer gesperrt, Bundespolizei Ja, aber bitte nur Datendateien, keine Programme, Spiele oder Setups!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.09.2012, 13:25
| #28 |
| | Computer gesperrt, Bundespolizei Hallo Cosinus, habe Daten gesichert und in aswMBR FixMBR ausgeführt. Logdateien habe ich schon gepostet. |
|
25.09.2012, 14:52
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer gesperrt, Bundespolizei Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.09.2012, 09:10
| #30 |
| | Computer gesperrt, Bundespolizei Hallo hier die Logdateien: Malewarebytes: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.25.10 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 8.0.6001.19088 Sandra :: SANDRA-PC [Administrator] Schutz: Aktiviert 25.09.2012 18:41:05 mbam-log-2012-09-25 (18-41-05).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 449961 Laufzeit: 2 Stunde(n), 10 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/26/2012 at 01:45 AM
Application Version : 5.5.1016
Core Rules Database Version : 9290
Trace Rules Database Version: 7102
Scan type : Complete Scan
Total Scan Time : 03:14:33
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Administrator
Memory items scanned : 971
Memory threats detected : 0
Registry items scanned : 39072
Registry threats detected : 0
File items scanned : 191035
File threats detected : 383
Adware.Tracking Cookie
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@2o7[1].txt [ /2o7 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@2o7[2].txt [ /2o7 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@a.revenuemax[1].txt [ /a.revenuemax ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@accounts.google[2].txt [ /accounts.google ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@accounts.youtube[1].txt [ /accounts.youtube ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@accounts.youtube[2].txt [ /accounts.youtube ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@accounts.youtube[3].txt [ /accounts.youtube ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.123-template[1].txt [ /ad.123-template ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.360yield[2].txt [ /ad.360yield ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.ad-srv[1].txt [ /ad.ad-srv ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.ad-srv[2].txt [ /ad.ad-srv ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.adc-serv[2].txt [ /ad.adc-serv ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.adnet[1].txt [ /ad.adnet ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.adnet[2].txt [ /ad.adnet ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.dyntracker[1].txt [ /ad.dyntracker ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.dyntracker[3].txt [ /ad.dyntracker ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.yieldmanager[3].txt [ /ad.yieldmanager ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.zanox[2].txt [ /ad.zanox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.zanox[3].txt [ /ad.zanox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad.zanox[4].txt [ /ad.zanox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad1.adfarm1.adition[1].txt [ /ad1.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad2.adfarm1.adition[1].txt [ /ad2.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad2.adfarm1.adition[2].txt [ /ad2.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad2.adfarm1.adition[3].txt [ /ad2.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad2.adfarm1.adition[4].txt [ /ad2.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad3.adfarm1.adition[2].txt [ /ad3.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad3.adfarm1.adition[3].txt [ /ad3.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad4.adfarm1.adition[1].txt [ /ad4.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad4.adfarm1.adition[2].txt [ /ad4.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad4.adfarm1.adition[3].txt [ /ad4.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ad4.adfarm1.adition[5].txt [ /ad4.adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adbrite[1].txt [ /adbrite ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adbrite[3].txt [ /adbrite ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[1].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[2].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[3].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[4].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[5].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[6].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[7].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adfarm1.adition[9].txt [ /adfarm1.adition ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adformdsp[1].txt [ /adformdsp ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adform[1].txt [ /adform ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adnetwork[1].txt [ /adnetwork ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.1a-infosysteme[1].txt [ /ads.1a-infosysteme ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.blackfling[1].txt [ /ads.blackfling ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.crakmedia[2].txt [ /ads.crakmedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.creative-serving[1].txt [ /ads.creative-serving ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.getyourguide[2].txt [ /ads.getyourguide ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.jinkads[1].txt [ /ads.jinkads ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.trafficjunky[1].txt [ /ads.trafficjunky ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.undertone[2].txt [ /ads.undertone ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads.unister-gmbh[1].txt [ /ads.unister-gmbh ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ads2.zeusclicks[1].txt [ /ads2.zeusclicks ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adserve.f-flirts[2].txt [ /adserve.f-flirts ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adserver.mediadomain-verlag[2].txt [ /adserver.mediadomain-verlag ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adtech[1].txt [ /adtech ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adtech[2].txt [ /adtech ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adtech[3].txt [ /adtech ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adultfriendfinder[1].txt [ /adultfriendfinder ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adultfriendfinder[2].txt [ /adultfriendfinder ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adv1.rack-media[2].txt [ /adv1.rack-media ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@advertising[1].txt [ /advertising ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adviva[1].txt [ /adviva ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adviva[2].txt [ /adviva ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adx.chip[2].txt [ /adx.chip ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@adxpansion[2].txt [ /adxpansion ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@amazon-adsystem[1].txt [ /amazon-adsystem ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@apmebf[1].txt [ /apmebf ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@apmebf[2].txt [ /apmebf ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@at.atwola[1].txt [ /at.atwola ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@atdmt[1].txt [ /atdmt ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@atdmt[2].txt [ /atdmt ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@atdmt[4].txt [ /atdmt ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@bannerboard[1].txt [ /bannerboard ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@bs.serving-sys[2].txt [ /bs.serving-sys ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@burstnet[1].txt [ /burstnet ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@c.atdmt[2].txt [ /c.atdmt ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@c.atdmt[3].txt [ /c.atdmt ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@casalemedia[2].txt [ /casalemedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@collective-media[1].txt [ /collective-media ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[10].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[11].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[1].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[2].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[3].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[4].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[5].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[6].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[7].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[8].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@doubleclick[9].txt [ /doubleclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@eaeacom.112.2o7[2].txt [ /eaeacom.112.2o7 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@eas.apm.emediate[1].txt [ /eas.apm.emediate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@eas.apm.emediate[2].txt [ /eas.apm.emediate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@eas.apm.emediate[3].txt [ /eas.apm.emediate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ehg-foxsports.hitbox[1].txt [ /ehg-foxsports.hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ehg-foxsports.hitbox[2].txt [ /ehg-foxsports.hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ehg-foxsports.hitbox[3].txt [ /ehg-foxsports.hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ehg-foxsports.hitbox[4].txt [ /ehg-foxsports.hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ehg-foxsports.hitbox[5].txt [ /ehg-foxsports.hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ehg-foxsports.hitbox[6].txt [ /ehg-foxsports.hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ero-advertising[1].txt [ /ero-advertising ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ero-advertising[3].txt [ /ero-advertising ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@etargetnet[2].txt [ /etargetnet ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@exoclick[2].txt [ /exoclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@fastclick[1].txt [ /fastclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@fastclick[3].txt [ /fastclick ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@hertz.122.2o7[1].txt [ /hertz.122.2o7 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@histats[1].txt [ /histats ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@histats[2].txt [ /histats ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@hitbox[1].txt [ /hitbox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@im.banner.t-online[2].txt [ /im.banner.t-online ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@im.banner.t-online[3].txt [ /im.banner.t-online ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@imrworldwide[2].txt [ /imrworldwide ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@insightexpressai[1].txt [ /insightexpressai ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@invitemedia[1].txt [ /invitemedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@invitemedia[2].txt [ /invitemedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@kursnet-finden.arbeitsagentur[1].txt [ /kursnet-finden.arbeitsagentur ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@lfstmedia[1].txt [ /lfstmedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@liveperson[1].txt [ /liveperson ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@liveperson[3].txt [ /liveperson ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@lucidmedia[1].txt [ /lucidmedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@media.photobucket[2].txt [ /media.photobucket ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@media6degrees[2].txt [ /media6degrees ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@mediaplex[1].txt [ /mediaplex ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@mediaplex[3].txt [ /mediaplex ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ox-d.adnetxchange[2].txt [ /ox-d.adnetxchange ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ox-d.secure-clicks[2].txt [ /ox-d.secure-clicks ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@partners.webmasterplan[2].txt [ /partners.webmasterplan ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@quartermedia[2].txt [ /quartermedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@questionmarket[1].txt [ /questionmarket ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@revsci[1].txt [ /revsci ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@revsci[3].txt [ /revsci ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ru4[2].txt [ /ru4 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@server.adformdsp[1].txt [ /server.adformdsp ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@server.iad.liveperson[1].txt [ /server.iad.liveperson ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@serving-sys[1].txt [ /serving-sys ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@serving-sys[3].txt [ /serving-sys ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@sk.search.etargetnet[2].txt [ /sk.search.etargetnet ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@smartadserver[1].txt [ /smartadserver ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@smartadserver[2].txt [ /smartadserver ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@smartadserver[3].txt [ /smartadserver ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@sonyeurope.112.2o7[1].txt [ /sonyeurope.112.2o7 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@statcounter[1].txt [ /statcounter ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@stats.goomradio[2].txt [ /stats.goomradio ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@statse.webtrendslive[2].txt [ /statse.webtrendslive ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@syndication.traffichaus[1].txt [ /syndication.traffichaus ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tomtailor.dyntracker[2].txt [ /tomtailor.dyntracker ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@toplist[1].txt [ /toplist ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@toplist[2].txt [ /toplist ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@track.adform[2].txt [ /track.adform ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@track.zalando[1].txt [ /track.zalando ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tracker.vinsight[2].txt [ /tracker.vinsight ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tracking.quisma[1].txt [ /tracking.quisma ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tracking.quisma[2].txt [ /tracking.quisma ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tradedoubler[2].txt [ /tradedoubler ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tradedoubler[3].txt [ /tradedoubler ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@traffictrack[2].txt [ /traffictrack ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@tribalfusion[1].txt [ /tribalfusion ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@unister-adservices[1].txt [ /unister-adservices ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@unitymediaforum[1].txt [ /unitymediaforum ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@unitymedia[2].txt [ /unitymedia ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@webmasterplan[1].txt [ /webmasterplan ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@webmasterplan[2].txt [ /webmasterplan ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@webmasterplan[3].txt [ /webmasterplan ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ww251.smartadserver[1].txt [ /ww251.smartadserver ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@ww251.smartadserver[2].txt [ /ww251.smartadserver ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.active-tracking[2].txt [ /www.active-tracking ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.etracker[1].txt [ /www.etracker ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.fpctraffic2[1].txt [ /www.fpctraffic2 ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.googleadservices[1].txt [ /www.googleadservices ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.googleadservices[2].txt [ /www.googleadservices ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.googleadservices[3].txt [ /www.googleadservices ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.googleadservices[4].txt [ /www.googleadservices ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.googleadservices[7].txt [ /www.googleadservices ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.zanox-affiliate[2].txt [ /www.zanox-affiliate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www4.smartadserver[2].txt [ /www4.smartadserver ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@xiti[2].txt [ /xiti ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@yadro[2].txt [ /yadro ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@yieldmanager[1].txt [ /yieldmanager ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@zanox-affiliate[1].txt [ /zanox-affiliate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@zanox-affiliate[2].txt [ /zanox-affiliate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@zanox-affiliate[3].txt [ /zanox-affiliate ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@zanox[1].txt [ /zanox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@zanox[2].txt [ /zanox ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@uk.sitestat[1].txt [ /uk.sitestat.com ]
C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Cookies\sandra@de.sitestat[1].txt [ /de.sitestat.com ]
C:\USERS\NEROMEDIAHOMEUSER.4\AppData\Roaming\Microsoft\Windows\Cookies\neromediahomeuser.4@zdf[4].txt [ Cookie:neromediahomeuser.4@zdf.de/ ]
C:\USERS\NEROMEDIAHOMEUSER.4\Cookies\neromediahomeuser.4@zdf[4].txt [ Cookie:neromediahomeuser.4@zdf.de/ ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\sandra@clkads[1].txt [ Cookie:sandra@clkads.com/adServe/banners ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\sandra@gallys.gfrevenge[2].txt [ Cookie:sandra@gallys.gfrevenge.com/vbanners/ ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.google[3].txt [ Cookie:sandra@www.google.com/insights/search ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\sandra@google[6].txt [ Cookie:sandra@google.com/accounts/ ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.google[2].txt [ Cookie:sandra@www.google.de/accounts ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\sandra@www.google[1].txt [ Cookie:sandra@www.google.com/accounts ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\Low\sandra@mediaplex[1].txt [ Cookie:sandra@mediaplex.com/ ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\Low\sandra@apmebf[1].txt [ Cookie:sandra@apmebf.com/ ]
C:\USERS\SANDRA\AppData\Roaming\Microsoft\Windows\Cookies\Low\sandra@atdmt[2].txt [ Cookie:sandra@atdmt.com/ ]
C:\USERS\SANDRA\Cookies\sandra@clkads[1].txt [ Cookie:sandra@clkads.com/adServe/banners ]
C:\USERS\SANDRA\Cookies\sandra@imrworldwide[2].txt [ Cookie:sandra@imrworldwide.com/cgi-bin ]
C:\USERS\SANDRA\Cookies\sandra@mediaplex[3].txt [ Cookie:sandra@mediaplex.com/ ]
C:\USERS\SANDRA\Cookies\sandra@liveperson[3].txt [ Cookie:sandra@liveperson.net/hc/11042824 ]
C:\USERS\SANDRA\Cookies\sandra@www.googleadservices[2].txt [ Cookie:sandra@www.googleadservices.com/pagead/conversion/1030004439/ ]
C:\USERS\SANDRA\Cookies\sandra@xiti[2].txt [ Cookie:sandra@xiti.com/ ]
C:\USERS\SANDRA\Cookies\sandra@lucidmedia[1].txt [ Cookie:sandra@lucidmedia.com/ ]
C:\USERS\SANDRA\Cookies\sandra@gallys.gfrevenge[2].txt [ Cookie:sandra@gallys.gfrevenge.com/vbanners/ ]
C:\USERS\SANDRA\Cookies\sandra@www.zanox-affiliate[2].txt [ Cookie:sandra@www.zanox-affiliate.de/ ]
C:\USERS\SANDRA\Cookies\sandra@casalemedia[2].txt [ Cookie:sandra@casalemedia.com/ ]
C:\USERS\SANDRA\Cookies\sandra@tradedoubler[3].txt [ Cookie:sandra@tradedoubler.com/ ]
C:\USERS\SANDRA\Cookies\sandra@ad2.adfarm1.adition[1].txt [ Cookie:sandra@ad2.adfarm1.adition.com/ ]
C:\USERS\SANDRA\Cookies\sandra@ehg-foxsports.hitbox[2].txt [ Cookie:sandra@ehg-foxsports.hitbox.com/ ]
C:\USERS\SANDRA\Cookies\sandra@collective-media[1].txt [ Cookie:sandra@collective-media.net/ ]
C:\USERS\SANDRA\Cookies\sandra@amazon-adsystem[1].txt [ Cookie:sandra@amazon-adsystem.com/ ]
C:\USERS\SANDRA\Cookies\sandra@hitbox[1].txt [ Cookie:sandra@hitbox.com/ ]
C:\USERS\SANDRA\Cookies\sandra@unister-adservices[1].txt [ Cookie:sandra@unister-adservices.com/ ]
C:\USERS\SANDRA\Cookies\sandra@ad.yieldmanager[3].txt [ Cookie:sandra@ad.yieldmanager.com/ ]
C:\USERS\SANDRA\Cookies\sandra@kursnet-finden.arbeitsagentur[1].txt [ Cookie:sandra@kursnet-finden.arbeitsagentur.de/kurs/ ]
C:\USERS\SANDRA\Cookies\sandra@apmebf[2].txt [ Cookie:sandra@apmebf.com/ ]
C:\USERS\SANDRA\Cookies\sandra@advertising[1].txt [ Cookie:sandra@advertising.com/ ]
C:\USERS\SANDRA\Cookies\sandra@server.iad.liveperson[1].txt [ Cookie:sandra@server.iad.liveperson.net/ ]
C:\USERS\SANDRA\Cookies\sandra@adserve.f-flirts[2].txt [ Cookie:sandra@adserve.f-flirts.com/ ]
C:\USERS\SANDRA\Cookies\sandra@traffictrack[2].txt [ Cookie:sandra@traffictrack.de/ ]
C:\USERS\SANDRA\Cookies\sandra@ox-d.secure-clicks[2].txt [ Cookie:sandra@ox-d.secure-clicks.org/ ]
C:\USERS\SANDRA\Cookies\sandra@atdmt[4].txt [ Cookie:sandra@atdmt.com/ ]
C:\USERS\SANDRA\Cookies\sandra@uk.sitestat[1].txt [ Cookie:sandra@uk.sitestat.com/isango/isango/ ]
C:\USERS\SANDRA\Cookies\sandra@doubleclick[9].txt [ Cookie:sandra@doubleclick.net/ ]
C:\USERS\SANDRA\Cookies\sandra@www.usenext[2].txt [ Cookie:sandra@www.usenext.de/ ]
C:\USERS\SANDRA\Cookies\sandra@im.banner.t-online[3].txt [ Cookie:sandra@im.banner.t-online.de/ ]
C:\USERS\SANDRA\Cookies\sandra@ad3.adfarm1.adition[3].txt [ Cookie:sandra@ad3.adfarm1.adition.com/ ]
C:\USERS\SANDRA\Cookies\sandra@2o7[1].txt [ Cookie:sandra@2o7.net/ ]
C:\USERS\SANDRA\Cookies\sandra@webmasterplan[1].txt [ Cookie:sandra@webmasterplan.com/ ]
C:\USERS\SANDRA\Cookies\sandra@revsci[3].txt [ Cookie:sandra@revsci.net/ ]
C:\USERS\SANDRA\Cookies\sandra@tribalfusion[1].txt [ Cookie:sandra@tribalfusion.com/ ]
C:\USERS\SANDRA\Cookies\sandra@questionmarket[1].txt [ Cookie:sandra@questionmarket.com/ ]
C:\USERS\SANDRA\Cookies\sandra@www.google[3].txt [ Cookie:sandra@www.google.com/insights/search ]
C:\USERS\SANDRA\Cookies\sandra@www.googleadservices[3].txt [ Cookie:sandra@www.googleadservices.com/pagead/conversion/1069787306/ ]
C:\USERS\SANDRA\Cookies\sandra@invitemedia[2].txt [ Cookie:sandra@invitemedia.com/ ]
C:\USERS\SANDRA\Cookies\sandra@adform[1].txt [ Cookie:sandra@adform.net/ ]
C:\USERS\SANDRA\Cookies\sandra@ad.adnet[1].txt [ Cookie:sandra@ad.adnet.de/ ]
C:\USERS\SANDRA\Cookies\sandra@track.adform[2].txt [ Cookie:sandra@track.adform.net/ ]
C:\USERS\SANDRA\Cookies\sandra@a.revenuemax[1].txt [ Cookie:sandra@a.revenuemax.de/ ]
C:\USERS\SANDRA\Cookies\sandra@tracking.quisma[2].txt [ Cookie:sandra@tracking.quisma.com/ ]
C:\USERS\SANDRA\Cookies\sandra@ads.trafficjunky[1].txt [ Cookie:sandra@ads.trafficjunky.net/ ]
C:\USERS\SANDRA\Cookies\sandra@de.sitestat[1].txt [ Cookie:sandra@de.sitestat.com/is24-community/is24-community/ ]
C:\USERS\SANDRA\Cookies\sandra@eaeacom.112.2o7[2].txt [ Cookie:sandra@eaeacom.112.2o7.net/ ]
C:\USERS\SANDRA\Cookies\sandra@adviva[2].txt [ Cookie:sandra@adviva.net/ ]
C:\USERS\SANDRA\Cookies\sandra@sonyeurope.112.2o7[1].txt [ Cookie:sandra@sonyeurope.112.2o7.net/ ]
C:\USERS\SANDRA\Cookies\sandra@ru4[2].txt [ Cookie:sandra@ru4.com/ ]
C:\USERS\SANDRA\Cookies\sandra@adformdsp[1].txt [ Cookie:sandra@adformdsp.net/ ]
C:\USERS\SANDRA\Cookies\sandra@server.adformdsp[1].txt [ Cookie:sandra@server.adformdsp.net/ ]
C:\USERS\SANDRA\Cookies\sandra@adultfriendfinder[1].txt [ Cookie:sandra@adultfriendfinder.com/ ]
C:\USERS\SANDRA\Cookies\sandra@ox-d.adnetxchange[2].txt [ Cookie:sandra@ox-d.adnetxchange.com/ ]
C:\USERS\SANDRA\Cookies\sandra@sk.search.etargetnet[2].txt [ Cookie:sandra@sk.search.etargetnet.com/ ]
C:\USERS\SANDRA\Cookies\sandra@adbrite[3].txt [ Cookie:sandra@adbrite.com/ ]
C:\USERS\SANDRA\Cookies\sandra@histats[2].txt [ Cookie:sandra@histats.com/stats/ ]
C:\USERS\SANDRA\Cookies\sandra@ads2.zeusclicks[1].txt [ Cookie:sandra@ads2.zeusclicks.com/ ]
C:\USERS\SANDRA\Cookies\sandra@serving-sys[3].txt [ Cookie:sandra@serving-sys.com/ ]
C:\USERS\SANDRA\Cookies\sandra@quartermedia[2].txt [ Cookie:sandra@quartermedia.de/ ]
C:\USERS\SANDRA\Cookies\sandra@liveperson[1].txt [ Cookie:sandra@liveperson.net/ ]
C:\USERS\SANDRA\Cookies\sandra@burstnet[1].txt [ Cookie:sandra@burstnet.com/ ]
C:\USERS\SANDRA\Cookies\sandra@hertz.122.2o7[1].txt [ Cookie:sandra@hertz.122.2o7.net/ ]
C:\USERS\SANDRA\Cookies\sandra@www.googleadservices[1].txt [ Cookie:sandra@www.googleadservices.com/pagead/conversion/1068627716/ ]
C:\USERS\SANDRA\Cookies\sandra@statse.webtrendslive[2].txt [ Cookie:sandra@statse.webtrendslive.com/ ]
C:\USERS\SANDRA\Cookies\sandra@statcounter[1].txt [ Cookie:sandra@statcounter.com/ ]
C:\USERS\SANDRA\Cookies\sandra@media.photobucket[2].txt [ Cookie:sandra@media.photobucket.com/ ]
C:\USERS\SANDRA\Cookies\sandra@histats[1].txt [ Cookie:sandra@histats.com/ ]
C:\USERS\SANDRA\Cookies\sandra@ad.dyntracker[3].txt [ Cookie:sandra@ad.dyntracker.de/ ]
C:\USERS\SANDRA\Cookies\sandra@www.googleadservices[7].txt [ Cookie:sandra@www.googleadservices.com/pagead/conversion/995553404/ ]
C:\USERS\SANDRA\Cookies\sandra@adxpansion[2].txt [ Cookie:sandra@adxpansion.com/ ]
C:\USERS\SANDRA\Cookies\sandra@invitemedia[1].txt [ Cookie:sandra@invitemedia.com/ ]
C:\USERS\SANDRA\Cookies\sandra@tracker.vinsight[2].txt [ Cookie:sandra@tracker.vinsight.de/ ]
C:\USERS\SANDRA\Cookies\sandra@adtech[3].txt [ Cookie:sandra@adtech.de/ ]
C:\USERS\SANDRA\Cookies\sandra@www.googleadservices[4].txt [ Cookie:sandra@www.googleadservices.com/pagead/conversion/1064217298/ ]
C:\USERS\SANDRA\Cookies\sandra@google[6].txt [ Cookie:sandra@google.com/accounts/ ]
C:\USERS\SANDRA\Cookies\sandra@www.google[2].txt [ Cookie:sandra@www.google.de/accounts ]
C:\USERS\SANDRA\Cookies\sandra@www.google[1].txt [ Cookie:sandra@www.google.com/accounts ]
C:\USERS\SANDRA\Cookies\sandra@stats.goomradio[2].txt [ Cookie:sandra@stats.goomradio.com/player/ ]
.doubleclick.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.aok.122.2o7.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradetracker.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ec-track.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.mindshare.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kaspersky.122.2o7.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tomtailor.dyntracker.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.adformdsp.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adformdsp.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx2.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracker.vinsight.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SANDRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SANDRA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SANDRA@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\SANDRA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SANDRA@SERVING-SYS[1].TXT [ /SERVING-SYS ]
|
|
| Themen zu Computer gesperrt, Bundespolizei |
| abgesicherten, aktualisierung, andere, anderen, antimalware, befallen, bundespolizei, computer, computer gesperrt, dateien, forum, funktioniert, gesperrt, infiziert, interne, internetverbindung, kaspersky, locker, logdateien, modus, problem, programme, rescue, rescue cd, samsung, sperren, verbindung, versucht, vista 32bit, windows |
Linear-Darstellung
