Pests of all kinds and how to fight them: GVU Trojan (with webcam?) under Windows 7
17.07.2012, 10:59 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Note: If you have obscured your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!! Code:
:OTL
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1001..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p File not found
O4 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Versuch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1516755417-3234397197-3308580895-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
:Files
C:\ProgramData\*.pad
C:\Users\xxx\AppData\LocalLow\Sun\Java\Deployment\cache
C:\Users\xxx\Downloads\vlc-1.1.9-win32.exe
:Commands
[purity]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
17.07.2012, 20:27 | #17 |
Evening. I carried out the fix according to the instructions. The PC was not restarted. Here is the corresponding log:
18.07.2012, 15:59 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ |
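Post #18 asks for the complete TDSS-Killer report with every flagged object left on "skip". As an added example (not part of the thread and not Kaspersky code), this Python script pulls the few non-"ok" verdicts out of such a report, pairs each with the hash and path recorded for the object, and lists objects reported "ok" without any file data. The sample report is constructed in the line layout of the report posted in this thread; its object names, hashes and paths are placeholders.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample report. It follows the line layout of the TDSS-Killer
# report posted in this thread ("<time> <id> <object> (<md5>) <path>", then a
# verdict line); object names, hashes and paths are invented placeholders.
SAMPLE_REPORT = r"""
20:20:19.0237 5972 Scan started
20:20:19.0237 5972 Mode: Manual; SigCheck; TDLFS;
20:20:19.0954 5972 exampledrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
20:20:20.0063 5972 exampledrv - ok
20:20:20.0100 5972 NoFileSvc - ok
20:20:20.0200 5972 Example Vendor Service (00000000000000000000000000000002) C:\Program Files (x86)\Example\svc.exe
20:20:20.0210 5972 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
20:20:20.0210 5972 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
20:20:20.0300 5972 otherdrv (00000000000000000000000000000003) C:\Windows\system32\drivers\otherdrv.sys
20:20:20.0310 5972 otherdrv - ok
"""

# Every report line starts with a timestamp and a numeric id.
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<object> (<32 hex digits>) <path>": the file that backs a service or driver.
FILE_RE = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<object> ( <verdict> ) - <level>": a flagged object.
FLAG_RE = re.compile(PREFIX + r"(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<level>\w+)$")
# "<object> - ok": a clean object.
OK_RE = re.compile(PREFIX + r"(?P<name>.+?) - ok$")


@dataclass
class Finding:
    name: str
    verdict: str
    level: str
    md5: Optional[str]   # None when the report recorded no file for the object
    path: Optional[str]


def triage(report: str) -> Tuple[List[Finding], List[str], int]:
    """Return (flagged objects, objects 'ok' without file data, count of 'ok')."""
    files = {}            # object name -> (md5, path)
    findings: List[Finding] = []
    ok_without_file: List[str] = []
    ok_count = 0
    for raw in report.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            files[m["name"]] = (m["md5"], m["path"])
            continue
        m = FLAG_RE.match(line)
        if m:
            md5, path = files.get(m["name"], (None, None))
            findings.append(Finding(m["name"], m["verdict"], m["level"], md5, path))
            continue
        m = OK_RE.match(line)
        if m:
            ok_count += 1
            if m["name"] not in files:
                ok_without_file.append(m["name"])
        # Header lines and the duplicate "- detected ..." line fall through.
    return findings, ok_without_file, ok_count


def summary(report: str) -> str:
    """Short text overview to read before deciding anything in the tool."""
    findings, no_file, ok_count = triage(report)
    lines = [f"{ok_count} objects reported ok, {len(findings)} flagged"]
    for f in findings:
        lines.append(f"  [{f.level}] {f.name}: {f.verdict} | md5={f.md5} | {f.path}")
    for name in no_file:
        lines.append(f"  [no file data] {name}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(summary(SAMPLE_REPORT))
```
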
18.07.2012, 19:35 | #19 |
OK, the scan is done. I moved the finding to quarantine. I read too late that I was supposed to skip it :-( Here is the report:
20:20:31.0763 5972 HomeGroupListener - ok 20:20:31.0795 5972 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 20:20:31.0810 5972 HomeGroupProvider - ok 20:20:31.0857 5972 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 20:20:31.0857 5972 HpSAMD - ok 20:20:31.0919 5972 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 20:20:31.0966 5972 HTTP - ok 20:20:31.0997 5972 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 20:20:32.0013 5972 hwpolicy - ok 20:20:32.0044 5972 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 20:20:32.0060 5972 i8042prt - ok 20:20:32.0122 5972 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys 20:20:32.0138 5972 iaStor - ok 20:20:32.0185 5972 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 20:20:32.0216 5972 iaStorV - ok 20:20:32.0325 5972 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:20:32.0356 5972 idsvc - ok 20:20:32.0918 5972 igfx (0089b53f1befd34b7d8ca4ab021335fa) C:\Windows\system32\DRIVERS\igdkmd64.sys 20:20:33.0245 5972 igfx - ok 20:20:33.0370 5972 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 20:20:33.0386 5972 iirsp - ok 20:20:33.0448 5972 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 20:20:33.0526 5972 IKEEXT - ok 20:20:33.0698 5972 IntcAzAudAddService (e22397fb13975ff21be8e6897d7dc584) C:\Windows\system32\drivers\RTKVHD64.sys 20:20:33.0729 5972 IntcAzAudAddService - ok 20:20:33.0916 5972 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 20:20:33.0963 5972 IntcDAud - ok 20:20:33.0979 5972 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 20:20:33.0994 5972 intelide - ok 20:20:34.0041 5972 
intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 20:20:34.0057 5972 intelppm - ok 20:20:34.0103 5972 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 20:20:34.0150 5972 IPBusEnum - ok 20:20:34.0197 5972 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:20:34.0244 5972 IpFilterDriver - ok 20:20:34.0275 5972 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 20:20:34.0322 5972 iphlpsvc - ok 20:20:34.0369 5972 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 20:20:34.0400 5972 IPMIDRV - ok 20:20:34.0431 5972 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 20:20:34.0462 5972 IPNAT - ok 20:20:34.0493 5972 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 20:20:34.0571 5972 IRENUM - ok 20:20:34.0618 5972 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 20:20:34.0618 5972 isapnp - ok 20:20:34.0649 5972 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 20:20:34.0665 5972 iScsiPrt - ok 20:20:34.0696 5972 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 20:20:34.0696 5972 kbdclass - ok 20:20:34.0727 5972 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 20:20:34.0743 5972 kbdhid - ok 20:20:34.0774 5972 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 20:20:34.0790 5972 kbfiltr - ok 20:20:34.0821 5972 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:20:34.0837 5972 KeyIso - ok 20:20:34.0868 5972 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 20:20:34.0883 5972 KSecDD - ok 20:20:34.0915 5972 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 20:20:34.0915 5972 KSecPkg - ok 20:20:34.0946 5972 
ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 20:20:34.0993 5972 ksthunk - ok 20:20:35.0024 5972 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 20:20:35.0086 5972 KtmRm - ok 20:20:35.0149 5972 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys 20:20:35.0164 5972 L1C - ok 20:20:35.0195 5972 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 20:20:35.0227 5972 LanmanServer - ok 20:20:35.0258 5972 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 20:20:35.0305 5972 LanmanWorkstation - ok 20:20:35.0336 5972 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 20:20:35.0367 5972 lltdio - ok 20:20:35.0414 5972 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 20:20:35.0476 5972 lltdsvc - ok 20:20:35.0492 5972 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 20:20:35.0539 5972 lmhosts - ok 20:20:35.0585 5972 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:20:35.0601 5972 LSI_FC - ok 20:20:35.0601 5972 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:20:35.0617 5972 LSI_SAS - ok 20:20:35.0632 5972 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:20:35.0632 5972 LSI_SAS2 - ok 20:20:35.0663 5972 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:20:35.0679 5972 LSI_SCSI - ok 20:20:35.0710 5972 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 20:20:35.0757 5972 luafv - ok 20:20:35.0819 5972 massfilter (23488767cb18fc3ff39e3af1db3fb02c) C:\Windows\system32\drivers\massfilter.sys 20:20:35.0851 5972 massfilter - ok 20:20:35.0913 5972 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 20:20:35.0929 5972 MBAMProtector - ok 20:20:36.0022 5972 
MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 20:20:36.0038 5972 MBAMService - ok 20:20:36.0069 5972 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 20:20:36.0100 5972 Mcx2Svc - ok 20:20:36.0116 5972 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 20:20:36.0116 5972 megasas - ok 20:20:36.0147 5972 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 20:20:36.0163 5972 MegaSR - ok 20:20:36.0209 5972 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 20:20:36.0225 5972 MEIx64 - ok 20:20:36.0256 5972 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:20:36.0303 5972 MMCSS - ok 20:20:36.0319 5972 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 20:20:36.0365 5972 Modem - ok 20:20:36.0381 5972 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 20:20:36.0412 5972 monitor - ok 20:20:36.0443 5972 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 20:20:36.0459 5972 mouclass - ok 20:20:36.0490 5972 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 20:20:36.0521 5972 mouhid - ok 20:20:36.0568 5972 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 20:20:36.0568 5972 mountmgr - ok 20:20:36.0631 5972 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:20:36.0646 5972 MozillaMaintenance - ok 20:20:36.0677 5972 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 20:20:36.0677 5972 mpio - ok 20:20:36.0709 5972 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 20:20:36.0740 5972 mpsdrv - ok 20:20:36.0802 5972 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 
20:20:36.0865 5972 MpsSvc - ok 20:20:36.0896 5972 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 20:20:36.0943 5972 MRxDAV - ok 20:20:36.0974 5972 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:20:37.0005 5972 mrxsmb - ok 20:20:37.0052 5972 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:20:37.0083 5972 mrxsmb10 - ok 20:20:37.0099 5972 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:20:37.0114 5972 mrxsmb20 - ok 20:20:37.0145 5972 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 20:20:37.0145 5972 msahci - ok 20:20:37.0177 5972 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 20:20:37.0192 5972 msdsm - ok 20:20:37.0223 5972 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 20:20:37.0255 5972 MSDTC - ok 20:20:37.0301 5972 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 20:20:37.0333 5972 Msfs - ok 20:20:37.0348 5972 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 20:20:37.0395 5972 mshidkmdf - ok 20:20:37.0411 5972 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 20:20:37.0426 5972 msisadrv - ok 20:20:37.0473 5972 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 20:20:37.0520 5972 MSiSCSI - ok 20:20:37.0520 5972 msiserver - ok 20:20:37.0551 5972 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 20:20:37.0582 5972 MSKSSRV - ok 20:20:37.0598 5972 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 20:20:37.0629 5972 MSPCLOCK - ok 20:20:37.0645 5972 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 20:20:37.0676 5972 MSPQM - ok 20:20:37.0723 5972 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) 
C:\Windows\system32\drivers\MsRPC.sys 20:20:37.0738 5972 MsRPC - ok 20:20:37.0769 5972 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 20:20:37.0785 5972 mssmbios - ok 20:20:37.0816 5972 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 20:20:37.0847 5972 MSTEE - ok 20:20:37.0863 5972 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 20:20:37.0863 5972 MTConfig - ok 20:20:37.0894 5972 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 20:20:37.0894 5972 Mup - ok 20:20:38.0035 5972 MyWiFiDHCPDNS (93cd1c4ecb8658a35e5e6eba02d43e4f) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:20:38.0066 5972 MyWiFiDHCPDNS - ok 20:20:38.0113 5972 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 20:20:38.0175 5972 napagent - ok 20:20:38.0222 5972 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 20:20:38.0269 5972 NativeWifiP - ok 20:20:38.0347 5972 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 20:20:38.0378 5972 NDIS - ok 20:20:38.0409 5972 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 20:20:38.0440 5972 NdisCap - ok 20:20:38.0471 5972 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 20:20:38.0503 5972 NdisTapi - ok 20:20:38.0534 5972 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 20:20:38.0565 5972 Ndisuio - ok 20:20:38.0612 5972 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 20:20:38.0659 5972 NdisWan - ok 20:20:38.0690 5972 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 20:20:38.0737 5972 NDProxy - ok 20:20:38.0752 5972 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 20:20:38.0799 5972 NetBIOS - ok 20:20:38.0830 5972 NetBT 
(09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 20:20:38.0893 5972 NetBT - ok 20:20:38.0924 5972 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:20:38.0939 5972 Netlogon - ok 20:20:38.0986 5972 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 20:20:39.0033 5972 Netman - ok 20:20:39.0064 5972 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 20:20:39.0127 5972 netprofm - ok 20:20:39.0189 5972 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:20:39.0205 5972 NetTcpPortSharing - ok 20:20:39.0563 5972 NETwNs64 (eb43840babf5589e33186d094de7381d) C:\Windows\system32\DRIVERS\NETwNs64.sys 20:20:39.0766 5972 NETwNs64 - ok 20:20:39.0907 5972 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 20:20:39.0922 5972 nfrd960 - ok 20:20:39.0969 5972 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 20:20:40.0016 5972 NlaSvc - ok 20:20:40.0063 5972 nmwcd (5fe6f8c05f0769bbb74afac11453b182) C:\Windows\system32\drivers\ccdcmbx64.sys 20:20:40.0094 5972 nmwcd - ok 20:20:40.0141 5972 nmwcdc (73c929945c0850b8d1fe2fea05fdf05d) C:\Windows\system32\drivers\ccdcmbox64.sys 20:20:40.0156 5972 nmwcdc - ok 20:20:40.0187 5972 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 20:20:40.0219 5972 Npfs - ok 20:20:40.0234 5972 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 20:20:40.0281 5972 nsi - ok 20:20:40.0297 5972 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 20:20:40.0343 5972 nsiproxy - ok 20:20:40.0421 5972 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 20:20:40.0484 5972 Ntfs - ok 20:20:40.0609 5972 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 20:20:40.0655 5972 Null - ok 20:20:41.0295 5972 
nvlddmkm (db4f01aba1ff1379e64e997d9fc5c08b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:20:41.0451 5972 nvlddmkm - ok 20:20:41.0576 5972 nvpciflt (6fcf6d9b3c149c7cee6fef8b622765c5) C:\Windows\system32\DRIVERS\nvpciflt.sys 20:20:41.0591 5972 nvpciflt - ok 20:20:41.0623 5972 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 20:20:41.0638 5972 nvraid - ok 20:20:41.0669 5972 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 20:20:41.0685 5972 nvstor - ok 20:20:41.0763 5972 NVSvc (529153d4c83e6631b303ae183a34fbdb) C:\Windows\system32\nvvsvc.exe 20:20:41.0810 5972 NVSvc - ok 20:20:41.0935 5972 nvUpdatusService (e06dbb528ebb66c10bdda799af2cab37) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 20:20:41.0966 5972 nvUpdatusService - ok 20:20:42.0106 5972 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 20:20:42.0106 5972 nv_agp - ok 20:20:42.0137 5972 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 20:20:42.0153 5972 ohci1394 - ok 20:20:42.0200 5972 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:20:42.0247 5972 p2pimsvc - ok 20:20:42.0293 5972 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 20:20:42.0325 5972 p2psvc - ok 20:20:42.0356 5972 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 20:20:42.0371 5972 Parport - ok 20:20:42.0403 5972 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 20:20:42.0418 5972 partmgr - ok 20:20:42.0449 5972 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 20:20:42.0465 5972 PcaSvc - ok 20:20:42.0512 5972 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 20:20:42.0543 5972 pccsmcfd - ok 20:20:42.0590 5972 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 20:20:42.0605 5972 pci - ok 
20:20:42.0621 5972 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 20:20:42.0621 5972 pciide - ok 20:20:42.0668 5972 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 20:20:42.0683 5972 pcmcia - ok 20:20:42.0699 5972 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 20:20:42.0715 5972 pcw - ok 20:20:42.0746 5972 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 20:20:42.0808 5972 PEAUTH - ok 20:20:42.0902 5972 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 20:20:42.0917 5972 PerfHost - ok 20:20:43.0073 5972 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 20:20:43.0183 5972 pla - ok 20:20:43.0354 5972 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 20:20:43.0417 5972 PlugPlay - ok 20:20:43.0448 5972 PnkBstrA - ok 20:20:43.0463 5972 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 20:20:43.0495 5972 PNRPAutoReg - ok 20:20:43.0526 5972 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:20:43.0541 5972 PNRPsvc - ok 20:20:43.0588 5972 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 20:20:43.0635 5972 PolicyAgent - ok 20:20:43.0682 5972 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 20:20:43.0713 5972 Power - ok 20:20:43.0791 5972 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 20:20:43.0838 5972 PptpMiniport - ok 20:20:43.0869 5972 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 20:20:43.0885 5972 Processor - ok 20:20:43.0916 5972 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 20:20:43.0947 5972 ProfSvc - ok 20:20:43.0978 5972 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:20:43.0978 5972 ProtectedStorage - ok 20:20:44.0009 
5972 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 20:20:44.0041 5972 Psched - ok 20:20:44.0134 5972 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 20:20:44.0197 5972 ql2300 - ok 20:20:44.0337 5972 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 20:20:44.0337 5972 ql40xx - ok 20:20:44.0384 5972 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 20:20:44.0415 5972 QWAVE - ok 20:20:44.0431 5972 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 20:20:44.0446 5972 QWAVEdrv - ok 20:20:44.0462 5972 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 20:20:44.0493 5972 RasAcd - ok 20:20:44.0524 5972 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:20:44.0571 5972 RasAgileVpn - ok 20:20:44.0618 5972 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 20:20:44.0649 5972 RasAuto - ok 20:20:44.0680 5972 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:20:44.0727 5972 Rasl2tp - ok 20:20:44.0774 5972 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 20:20:44.0821 5972 RasMan - ok 20:20:44.0867 5972 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 20:20:44.0899 5972 RasPppoe - ok 20:20:44.0930 5972 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 20:20:44.0977 5972 RasSstp - ok 20:20:45.0023 5972 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 20:20:45.0055 5972 rdbss - ok 20:20:45.0070 5972 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 20:20:45.0101 5972 rdpbus - ok 20:20:45.0133 5972 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:20:45.0164 5972 RDPCDD - ok 20:20:45.0195 5972 RDPENCDD 
(bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 20:20:45.0242 5972 RDPENCDD - ok 20:20:45.0273 5972 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 20:20:45.0320 5972 RDPREFMP - ok 20:20:45.0351 5972 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 20:20:45.0382 5972 RDPWD - ok 20:20:45.0445 5972 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 20:20:45.0445 5972 rdyboost - ok 20:20:45.0601 5972 RegSrvc (a6baea839cc888d4961ab5fe16bb8c4a) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:20:45.0632 5972 RegSrvc - ok 20:20:45.0663 5972 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 20:20:45.0710 5972 RemoteAccess - ok 20:20:45.0741 5972 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 20:20:45.0772 5972 RemoteRegistry - ok 20:20:45.0835 5972 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 20:20:45.0866 5972 RFCOMM - ok 20:20:45.0991 5972 RichVideo (616f6e52cae254727a886ba8eda1beea) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 20:20:45.0991 5972 RichVideo - ok 20:20:46.0022 5972 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 20:20:46.0053 5972 RpcEptMapper - ok 20:20:46.0084 5972 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 20:20:46.0100 5972 RpcLocator - ok 20:20:46.0147 5972 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:20:46.0178 5972 RpcSs - ok 20:20:46.0225 5972 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 20:20:46.0271 5972 rspndr - ok 20:20:46.0287 5972 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:20:46.0287 5972 SamSs - ok 20:20:46.0318 5972 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 20:20:46.0334 5972 
sbp2port - ok 20:20:46.0381 5972 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 20:20:46.0427 5972 SCardSvr - ok 20:20:46.0474 5972 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 20:20:46.0505 5972 scfilter - ok 20:20:46.0599 5972 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 20:20:46.0646 5972 Schedule - ok 20:20:46.0693 5972 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:20:46.0708 5972 SCPolicySvc - ok 20:20:46.0739 5972 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 20:20:46.0771 5972 SDRSVC - ok 20:20:46.0833 5972 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:20:46.0880 5972 secdrv - ok 20:20:46.0911 5972 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 20:20:46.0942 5972 seclogon - ok 20:20:46.0989 5972 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 20:20:47.0036 5972 SENS - ok 20:20:47.0051 5972 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 20:20:47.0083 5972 SensrSvc - ok 20:20:47.0114 5972 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 20:20:47.0129 5972 Serenum - ok 20:20:47.0176 5972 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 20:20:47.0207 5972 Serial - ok 20:20:47.0254 5972 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 20:20:47.0285 5972 sermouse - ok 20:20:47.0395 5972 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 20:20:47.0426 5972 ServiceLayer - ok 20:20:47.0473 5972 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 20:20:47.0504 5972 SessionEnv - ok 20:20:47.0551 5972 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 20:20:47.0566 5972 
sffdisk - ok 20:20:47.0582 5972 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 20:20:47.0613 5972 sffp_mmc - ok 20:20:47.0629 5972 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 20:20:47.0644 5972 sffp_sd - ok 20:20:47.0675 5972 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 20:20:47.0691 5972 sfloppy - ok 20:20:47.0753 5972 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 20:20:47.0816 5972 SharedAccess - ok 20:20:47.0863 5972 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 20:20:47.0909 5972 ShellHWDetection - ok 20:20:47.0956 5972 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 20:20:47.0972 5972 SiSGbeLH - ok 20:20:47.0987 5972 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:20:48.0003 5972 SiSRaid2 - ok 20:20:48.0019 5972 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 20:20:48.0034 5972 SiSRaid4 - ok 20:20:48.0128 5972 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe 20:20:48.0128 5972 SkypeUpdate - ok 20:20:48.0159 5972 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 20:20:48.0190 5972 Smb - ok 20:20:48.0221 5972 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 20:20:48.0237 5972 SNMPTRAP - ok 20:20:48.0362 5972 SNP2UVC (c98375d19f9e9966f6201bae65fb3728) C:\Windows\system32\DRIVERS\snp2uvc.sys 20:20:48.0424 5972 SNP2UVC - ok 20:20:48.0549 5972 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 20:20:48.0549 5972 spldr - ok 20:20:48.0596 5972 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 20:20:48.0627 5972 Spooler - ok 20:20:48.0814 5972 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 
20:20:58.0985 5972 ============================================================
20:20:59.0001 4844 Detected object count: 1
20:20:59.0001 4844 Actual detected object count: 1
20:21:24.0944 4844 C:\Program Files (x86)\Browny02\BrYNSvc.exe - copied to quarantine
20:21:24.0944 4844 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine |
19.07.2012, 11:08 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan (with webcam?) on Windows 7 Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
19.07.2012, 18:56 | #21 |
| GVU Trojan (with webcam?) on Windows 7 OK, ComboFix has finished running. I had to move the mouse briefly at one point because my screensaver kicked in. Here is the log: Code:
19.07.2012, 20:12 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan (with webcam?) on Windows 7 Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm on OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post log files in CODE tags |
20.07.2012, 19:25 | #23 |
| GVU Trojan (with webcam?) on Windows 7 OK, everything completed successfully. There were no problems. Here are the logs from GMER: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-20 08:41:07
Windows 6.1.7601 Service Pack 1
Running: 8y9np4vh.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015007a2bc2
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dd1dd25
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dd1dd25@d4cbaf233ebb 0xF6 0x89 0x07 0xEB ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dd1dd25@000704ce0b97 0xC9 0xBC 0x6F 0x0F ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015007a2bc2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dd1dd25 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dd1dd25@d4cbaf233ebb 0xF6 0x89 0x07 0xEB ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dd1dd25@000704ce0b97 0xC9 0xBC 0x6F 0x0F ...

---- EOF - GMER 1.0.15 ----
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:50:14 on 20.07.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 12.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ASMMAP64" (ASMMAP64) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
"ATKWMIACPI Driver" (ATKWMIACPIIO) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"cpuz135" (cpuz135) - ? - C:\Windows\TEMP\cpuz135\cpuz135_x64.sys (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files (x86)\WinRAR\rarext.dll
{B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell extension" - ? - (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
"ICQ7.5" - "ICQ, LLC." - C:\Program Files (x86)\ICQ7.5\ICQ.exe
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"AsusVibeLauncher.lnk" - ? - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Bluetooth.lnk" - ? - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"ICQ" - "ICQ, LLC." - "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
"swg" - "Google Inc." - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ATKMEDIA" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
"ATKOSD2" - "ASUSTek Computer Inc." - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"BDRegion" - "cyberlink" - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
"BrStsMon00" - "Brother Industries, Ltd." - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
"FLxHCIm" - "Windows (R) Win 7 DDK provider" - "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
"HControlUser" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Nuance PDF Reader-reminder" - "Nuance Communications, Inc." - "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"RemoteControl10" - "CyberLink Corp." - "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
"SonicMasterTray" - "Virage Logic Corporation / Sonic Focus" - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"UIExec" - ? - "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe" (File found, but it contains no detailed information)
"UpdateLBPShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"UpdatePSTShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
"VAWinAgent" - ? - C:\ExpressGateUtil\VAWinAgent.exe (File found, but it contains no detailed information)
"Wireless Console 3" - ? - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"EPSON BX320FW Series 64MonitorBE" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\E_ILMGIE.DLL
"EpsonNet Print Port" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\enppmon.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"AFBAgent" (AFBAgent) - "ASUSTeK Computer Inc." - C:\Windows\system32\FBAgent.exe
"ASLDR Service" (ASLDRService) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
"ATKGFNEX Service" (ATKGFNEXSrv) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"BrYNSvc" (BrYNSvc) - "Brother Industries, Ltd." - C:\Program Files (x86)\Browny02\BrYNSvc.exe
"CyberLink Product - 2011/04/03 11:10:19" (CLKMSVC10_38F51D56) - "CyberLink" - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
"Futuremark SystemInfo Service" (Futuremark SystemInfo Service) - "Futuremark Corporation" - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"Intel(R) Turbo Boost Technology Monitor 2.0" (TurboBoost) - "Intel(R) Corporation" - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"NVIDIA Driver Helper Service" (NVSvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File not found)
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"UI Assistant Service" (UI Assistant Service) - ? - C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe (File found, but it contains no detailed information)
"VideAceWindowsService" (VideAceWindowsService) - ? - C:\ExpressGateUtil\VAWinService.exe (File found, but it contains no detailed information)
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"Wireless PAN DHCP Server" (MyWiFiDHCPDNS) - ? - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Microsoft Corporation" - C:\Windows\WLXPGSS.SCR

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-20 19:51:14
-----------------------------
19:51:14.132 OS Version: Windows x64 6.1.7601 Service Pack 1
19:51:14.132 Number of processors: 8 586 0x2A07
19:51:14.132 ComputerName: ASUS-PC UserName: Asus
19:51:15.162 Initialize success
19:52:12.462 AVAST engine defs: 12072000
19:52:26.939 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:52:26.939 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
19:52:26.939 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
19:52:26.939 Disk 1 Vendor: ST950032 0003 Size: 476940MB BusType: 3
19:52:26.954 Disk 0 MBR read successfully
19:52:26.954 Disk 0 MBR scan
19:52:26.954 Disk 0 Windows 7 default MBR code
19:52:26.970 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
19:52:26.986 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 202291 MB offset 52430848
19:52:26.986 Disk 0 Partition - 00 0F Extended LBA 249048 MB offset 466722816
19:52:27.017 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 249047 MB offset 466724864
19:52:27.032 Disk 0 scanning C:\Windows\system32\drivers
19:52:40.027 Service scanning
19:53:06.157 Modules scanning
19:53:06.157 Disk 0 trace - called modules:
19:53:06.189 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
19:53:06.189 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80080e0790]
19:53:06.189 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8007e1dbf0]
19:53:06.189 5 ACPI.sys[fffff88000f917a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007e1c050]
19:53:07.203 AVAST engine scan C:\Windows
19:53:10.541 AVAST engine scan C:\Windows\system32
19:55:59.988 AVAST engine scan C:\Windows\system32\drivers
19:56:13.186 AVAST engine scan C:\Users\Asus
19:56:56.383 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"
19:56:56.398 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-20 19:58:10
-----------------------------
19:58:10.139 OS Version: Windows x64 6.1.7601 Service Pack 1
19:58:10.139 Number of processors: 8 586 0x2A07
19:58:10.139 ComputerName: ASUS-PC UserName: Asus
19:58:11.481 Initialize success
19:58:15.053 AVAST engine defs: 12072000
19:58:20.685 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:58:20.685 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
19:58:20.685 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
19:58:20.685 Disk 1 Vendor: ST950032 0003 Size: 476940MB BusType: 3
19:58:20.731 Disk 0 MBR read successfully
19:58:20.747 Disk 0 MBR scan
19:58:20.747 Disk 0 Windows 7 default MBR code
19:58:20.763 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
19:58:20.778 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 202291 MB offset 52430848
19:58:20.778 Disk 0 Partition - 00 0F Extended LBA 249048 MB offset 466722816
19:58:20.809 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 249047 MB offset 466724864
19:58:20.841 Disk 0 scanning C:\Windows\system32\drivers
19:58:34.834 Service scanning
19:59:01.167 Modules scanning
19:59:01.167 Disk 0 trace - called modules:
19:59:01.229 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
19:59:01.229 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80080e0790]
19:59:01.229 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8007e1dbf0]
19:59:01.229 5 ACPI.sys[fffff88000f917a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007e1c050]
19:59:02.352 AVAST engine scan C:\Windows
19:59:06.471 AVAST engine scan C:\Windows\system32
20:02:50.035 AVAST engine scan C:\Windows\system32\drivers
20:03:04.668 AVAST engine scan C:\Users\Asus
20:16:04.486 AVAST engine scan C:\ProgramData
20:18:11.485 Scan finished successfully
20:19:00.891 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"
20:19:00.891 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"

And one more question for the curious: when I paste text as code, something about "Larusso Mode" appears above the code box. What is that? And lastly: can I use my computer normally again? Or should I still be careful because of possible remnants of the trojan??? Regards and a big thank-you for the help, Sebastian

Now it is getting really unfunny. I had created a 2nd user account. It worked flawlessly the whole time. Today I switch on my PC, log in to the 2nd user, and bam, the PC is locked by the GVU trojan. I am about to lose it. I hope it was not a mistake, but I deleted that user. Sebastian |
21.07.2012, 15:35 | #24 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan (with webcam?) on Windows 7
Quote:
Those are not all AV programs! Besides, they do not interfere with your installed virus scanner!
Quote:
As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
22.07.2012, 05:32 | #25 |
| GVU Trojan (with webcam?) on Windows 7
Good morning. So, one thing after another. I clicked the field with Larusso Mode ... nothing happened ^^ After that, a full scan with Malwarebytes
Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.21.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Asus :: ASUS-PC [Administrator]

Schutz: Aktiviert

21.07.2012 20:03:33
mbam-log-2012-07-21 (20-03-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 420921
Laufzeit: 1 Stunde(n), 23 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/22/2012 at 00:26 AM

Application Version : 5.5.1006

Core Rules Database Version : 8939
Trace Rules Database Version: 6751

Scan type : Complete Scan
Total Scan Time : 02:51:31

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 716
Memory threats detected : 0
Registry items scanned : 70486
Registry threats detected : 0
File items scanned : 209721
File threats detected : 555

Adware.Tracking Cookie
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adxpose.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .a.revenuemax.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .server.cpmstar.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ibanner.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .googleads.g.doubleclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] 
.revenuemax.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adviva.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .gostats.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tto2.traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.effiliation.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] 7.rotator.wigetmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad.yieldmanager.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad.yieldmanager.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad3.adfarm1.adition.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ww251.smartadserver.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .liveperson.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .lego.112.2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] eas4.emediate.eu [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .clicksor.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .clicksor.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .bwincom.122.2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .realmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] 
fl01.ct2.comclick.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] adfarm1.adition.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .sexkontakt.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .sexkontakt.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .uk.at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .xm.xtendmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .imagesrv.adition.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .schnurstracks-kletterparks.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .schnurstracks-kletterparks.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE 
] tracker.bmtsystem.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] ads2.fettspielen.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] tracking.affiliates.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] tracking.affiliates.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .realmedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .aka-cdn-ns.adtech.de [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] ad.adserver01.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .animetoplist.org [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .www.animetoplist.org [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .game-advertising-online.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .interclick.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .interclick.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adserver.adtechus.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] tracking.dc-storm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.adform.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .specificclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tto2.traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] fl01.ct2.comclick.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] server.adform.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .partypoker.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .msnbc.112.2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ar.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] adserver1.mokono.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .clicksor.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .clicksor.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track2.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track71.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track1.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track1.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track71.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track2.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track71.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track1.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.solocpm.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track2.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track1.httptrack.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .freshnewtracks.com [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .burstnet.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .burstnet.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .freshnewtracks.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .freshnewtracks.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] server.adformdsp.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adformdsp.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad.velmedia.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .ad.velmedia.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .velmedia.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] stat.easydate.biz [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] stat.ed.cupidplc.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .youporn.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .youporn.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.youporn.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] dm3adserver.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tribalfusion.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adnetwork.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .harrenmedianetwork.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] eas4.emediate.eu [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ 
C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] track.effiliation.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] stats.bmw.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] www.zanox-affiliate.de [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .yieldmanager.net [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\ASUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ISKPX8KI.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ 
Trojan.Agent/Gen-Frauder C:\PROGRAM FILES (X86)\1&1 SURF-STICK\COMPONENT\BIUSBSOUND.DLL Have a nice Sunday, Sebastian |
23.07.2012, 14:23 | #26 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan (with webcam?) on Windows 7 Quote:
Try it out with the CODE box that contains the SUPERAntiSpyware log. Quote:
Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie). Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file. Otherwise there are also good cookie managers; for Firefox, for example, there is the extension CookieCuller http://filepony.de/download-cookie_culler/ But if you can live with logging in everywhere again in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed. My approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies of the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left. Is your system OK again now, or are there still other findings or problems?
__________________ Please always post log files in CODE tags |
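Added example, not part of the original post: a short Python check of how far a hosts file actually covers the tracking-cookie domains a scanner log reports. The log lines and the hosts excerpt are constructed samples (the excerpt is not copied from the MVPS file), and all function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the "domain [ path ]" shape of the scanner log in this thread.
SAMPLE_LOG = r"""
ad.yieldmanager.com [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXAMPLE.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXAMPLE.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXAMPLE.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXAMPLE.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXAMPLE.DEFAULT\COOKIES.SQLITE ]
"""

# Constructed excerpt in hosts-file syntax: "<address> <hostname> [# comment]".
SAMPLE_HOSTS = """
# constructed excerpt, not copied from any published hosts file
127.0.0.1  localhost
0.0.0.0  ad.yieldmanager.com
0.0.0.0  c5.zedo.com   # constructed: one single host below zedo.com
0.0.0.0  www.googleadservices.com
"""

COOKIE_ENTRY = re.compile(r"(\S+)\s*\[\s*[^\]]*COOKIES\.SQLITE\s*\]", re.IGNORECASE)
SINKHOLES = {"0.0.0.0", "127.0.0.1"}


def cookie_domains(log_text):
    """Count cookie entries per domain; works on line-based or flattened logs."""
    return Counter(m.group(1).lower() for m in COOKIE_ENTRY.finditer(log_text))


def blocked_hosts(hosts_text):
    """Return the hostnames a hosts file redirects to a sinkhole address."""
    blocked = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        if len(fields) < 2 or fields[0] not in SINKHOLES:
            continue
        blocked.update(h.lower() for h in fields[1:] if h.lower() != "localhost")
    return blocked


def coverage(domain, blocked):
    """Classify one cookie domain against exact-match hosts entries.

    A leading dot marks a domain cookie that is valid for every subdomain.
    A hosts file has no wildcards, so such a domain is at best partly covered.
    """
    if not domain.startswith("."):
        return "blocked" if domain in blocked else "unblocked"
    bare = domain[1:]
    listed = [h for h in blocked if h == bare or h.endswith(domain)]
    return "partial" if listed else "unblocked"


def report(log_text, hosts_text):
    """Map each cookie domain to (number of entries, coverage status)."""
    blocked = blocked_hosts(hosts_text)
    counts = cookie_domains(log_text)
    return {d: (n, coverage(d, blocked)) for d, n in counts.most_common()}


if __name__ == "__main__":
    for domain, (count, status) in report(SAMPLE_LOG, SAMPLE_HOSTS).items():
        print(f"{status:9} {count:3}  {domain}")
```

A "partial" or "unblocked" result is the reason the post pairs the hosts file with browser-side cookie handling: only hostnames listed exactly are kept from resolving.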
23.07.2012, 20:25 | #27 |
| GVU Trojan (with webcam?) on Windows 7 Evening. I'm not a bad observer. At least that's what I always thought... Well, anyway, I tried it out. Indeed, nothing at all happens for me. Zero, nada. After pressing the button it looks exactly the same as before pressing the button. And I'm not slightly hysterical either. The bit about being knocked off my feet was worded with some exaggeration ... The joke apparently didn't quite land ... I did see that those were cookies. The false alarm, however, did indeed escape me. Whether my system is OK again ... Honestly, I have no idea. There were no other findings. I have posted all the logs there were. What worries me is the fact that the GVU Trojan showed up on my alternative user account. But otherwise everything is basically fine, I think. Sebastian |
24.07.2012, 15:23 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan (with webcam?) on Windows 7 If you click on Larusso Modus, the CODE box is fully expanded, i.e. displayed in full, so you no longer have to scroll inside the CODE box. I don't know why that doesn't work for you. Are you using IE? It doesn't work with that. Then we're done! The programs that were used here can all be removed again. With the help of OTL you can also remove many tools: Please start OTL and click on "Bereinigung" (cleanup). This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete. Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first. Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI. For even more security, you should also change all passwords, if possible, after the infection has been removed. Microsoft Update Windows XP: Visit the MS update site with IE and have all important updates installed. Windows Vista/7: Guide to Windows Update Update the PDF reader An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed) I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader. 
Please also take the opportunity to check that Flash Player is up to date: Check => Adobe - Flash Player Download links => Adobe Flash Player Distribution | Adobe Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date. Java update Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |
24.07.2012, 20:38 | #29 |
| GVU Trojan (with webcam?) on Windows 7 OK. Well then, I'll say a very polite and diligent thank you for the help. I hope I won't have to get in touch with you again any time soon ^^ With that in mind, I wish you happy working. Thanks again, Sebastian |
03.08.2012, 20:11 | #30 |
| GVU Trojan (with webcam?) on Windows 7 Heyho. It's me again. It's back :-( The great, great GVU Trojan. And I have no idea why. I haven't been hanging around on any strange, suspicious or semi-legal sites. At least as long as GMX and Youtube count as legal. And now? Everything all over again? Or would it help to simply move all the data that matters to me onto an external hard drive, then wipe the computer and reinstall Windows? Or would I then just drag the Trojan along onto the external drive? Kind regards from a currently very annoyed Sebastian |