| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Facebook-VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.10.2011, 11:17
| #16 |
 |  Facebook-Virus 11:13:47.0001 3104 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01 11:13:47.0308 3104 ============================================================ 11:13:47.0308 3104 Current date / time: 2011/10/30 11:13:47.0308 11:13:47.0308 3104 SystemInfo: 11:13:47.0308 3104 11:13:47.0308 3104 OS Version: 6.1.7601 ServicePack: 1.0 11:13:47.0308 3104 Product type: Workstation 11:13:47.0309 3104 ComputerName: B4RKEEPER-PC 11:13:47.0312 3104 UserName: B4rkeeper 11:13:47.0312 3104 Windows directory: C:\Windows 11:13:47.0312 3104 System windows directory: C:\Windows 11:13:47.0312 3104 Processor architecture: Intel x86 11:13:47.0312 3104 Number of processors: 2 11:13:47.0312 3104 Page size: 0x1000 11:13:47.0312 3104 Boot type: Normal boot 11:13:47.0312 3104 ============================================================ 11:13:48.0274 3104 Initialize success 11:14:58.0152 3744 ============================================================ 11:14:58.0152 3744 Scan started 11:14:58.0152 3744 Mode: Manual; SigCheck; TDLFS; 11:14:58.0152 3744 ============================================================ 11:14:59.0767 3744 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 11:15:00.0127 3744 1394ohci - ok 11:15:00.0305 3744 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 11:15:00.0351 3744 ACPI - ok 11:15:00.0456 3744 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 11:15:00.0625 3744 AcpiPmi - ok 11:15:00.0843 3744 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 11:15:00.0946 3744 adp94xx - ok 11:15:01.0035 3744 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 11:15:01.0131 3744 adpahci - ok 11:15:01.0224 3744 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 11:15:01.0313 3744 adpu320 - ok 11:15:01.0456 3744 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 11:15:01.0583 3744 AFD - ok 11:15:01.0682 3744 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 11:15:01.0754 3744 agp440 - ok 11:15:01.0822 3744 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 11:15:01.0894 3744 aic78xx - ok 11:15:01.0990 3744 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 11:15:02.0035 3744 aliide - ok 11:15:02.0124 3744 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 11:15:02.0177 3744 amdagp - ok 11:15:02.0258 3744 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 11:15:02.0324 3744 amdide - ok 11:15:02.0387 3744 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 11:15:02.0492 3744 AmdK8 - ok 11:15:02.0536 3744 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 11:15:02.0661 3744 AmdPPM - ok 11:15:02.0744 3744 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 11:15:02.0823 3744 amdsata - ok 11:15:02.0894 3744 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 11:15:02.0973 3744 amdsbs - ok 11:15:03.0015 3744 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 11:15:03.0095 3744 amdxata - ok 11:15:03.0264 3744 ApfiltrService (441b46afdea05fd8436f680eb41c4190) C:\Windows\system32\DRIVERS\Apfiltr.sys 11:15:03.0366 3744 ApfiltrService - ok 11:15:03.0431 3744 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 11:15:03.0617 3744 AppID - ok 11:15:03.0781 3744 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 11:15:03.0856 3744 arc - ok 11:15:03.0915 3744 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 11:15:04.0005 3744 arcsas - ok 11:15:04.0118 3744 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 11:15:04.0334 3744 AsyncMac - ok 11:15:04.0432 3744 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 11:15:04.0502 3744 atapi - ok 11:15:04.0648 3744 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys 11:15:04.0842 3744 avgntflt - ok 11:15:04.0948 3744 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\Windows\system32\DRIVERS\avipbb.sys 11:15:05.0032 3744 avipbb - ok 11:15:05.0116 3744 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys 11:15:05.0181 3744 avkmgr - ok 11:15:05.0292 3744 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 11:15:05.0435 3744 b06bdrv - ok 11:15:05.0476 3744 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 11:15:05.0573 3744 b57nd60x - ok 11:15:05.0666 3744 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 11:15:05.0794 3744 Beep - ok 11:15:05.0864 3744 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 11:15:05.0988 3744 blbdrive - ok 11:15:06.0058 3744 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 11:15:06.0203 3744 bowser - ok 11:15:06.0241 3744 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 11:15:06.0403 3744 BrFiltLo - ok 11:15:06.0454 3744 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 11:15:06.0545 3744 BrFiltUp - ok 11:15:06.0608 3744 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 11:15:06.0759 3744 Brserid - ok 11:15:06.0801 3744 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 11:15:06.0928 3744 BrSerWdm - ok 11:15:06.0964 3744 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 11:15:07.0069 3744 BrUsbMdm - ok 11:15:07.0096 3744 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 11:15:07.0218 3744 BrUsbSer - ok 11:15:07.0250 3744 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 11:15:07.0367 3744 BTHMODEM - ok 11:15:07.0540 3744 Cam5603D (eb5121a90c1e6859ed0ba2f60b8993bb) C:\Windows\system32\Drivers\BisonCam.sys 11:15:07.0689 3744 Cam5603D - ok 11:15:07.0764 3744 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 11:15:07.0885 3744 cdfs - ok 11:15:07.0965 3744 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 11:15:08.0090 3744 cdrom - ok 11:15:08.0155 3744 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 11:15:08.0264 3744 circlass - ok 11:15:08.0317 3744 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 11:15:08.0361 3744 CLFS - ok 11:15:08.0431 3744 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 11:15:08.0535 3744 CmBatt - ok 11:15:08.0591 3744 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 11:15:08.0663 3744 cmdide - ok 11:15:08.0729 3744 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 11:15:08.0888 3744 CNG - ok 11:15:08.0950 3744 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 11:15:08.0995 3744 Compbatt - ok 11:15:09.0064 3744 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 11:15:09.0178 3744 CompositeBus - ok 11:15:09.0233 3744 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 11:15:09.0277 3744 crcdisk - ok 11:15:09.0381 3744 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 11:15:09.0535 3744 CSC - ok 11:15:09.0630 3744 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 11:15:09.0705 3744 DfsC - ok 11:15:09.0752 3744 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 11:15:09.0801 3744 discache - ok 11:15:09.0836 3744 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 11:15:09.0874 3744 Disk - ok 11:15:09.0944 3744 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 11:15:09.0975 3744 drmkaud - ok 11:15:10.0054 3744 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 11:15:10.0129 3744 DXGKrnl - ok 11:15:10.0274 3744 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 11:15:10.0538 3744 ebdrv - ok 11:15:10.0591 3744 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 11:15:10.0648 3744 elxstor - ok 11:15:10.0693 3744 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 11:15:10.0719 3744 ErrDev - ok 11:15:10.0770 3744 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 11:15:10.0859 3744 exfat - ok 11:15:10.0896 3744 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 11:15:10.0989 3744 fastfat - ok 11:15:11.0028 3744 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 11:15:11.0086 3744 fdc - ok 11:15:11.0126 3744 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 11:15:11.0168 3744 FileInfo - ok 11:15:11.0196 3744 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 11:15:11.0288 3744 Filetrace - ok 11:15:11.0309 3744 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 11:15:11.0369 3744 flpydisk - ok 11:15:11.0405 3744 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 11:15:11.0466 3744 FltMgr - ok 11:15:11.0506 3744 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 11:15:11.0527 3744 FsDepends - ok 11:15:11.0550 3744 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 11:15:11.0587 3744 Fs_Rec - ok 11:15:11.0672 3744 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 11:15:11.0693 3744 fvevol - ok 11:15:11.0735 3744 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 11:15:11.0780 3744 gagp30kx - ok 11:15:11.0874 3744 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 11:15:11.0951 3744 hcw85cir - ok 11:15:12.0008 3744 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 11:15:12.0114 3744 HdAudAddService - ok 11:15:12.0201 3744 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 11:15:12.0233 3744 HDAudBus - ok 11:15:12.0282 3744 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 11:15:12.0344 3744 HidBatt - ok 11:15:12.0375 3744 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 11:15:12.0440 3744 HidBth - ok 11:15:12.0498 3744 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 11:15:12.0562 3744 HidIr - ok 11:15:12.0639 3744 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 11:15:12.0685 3744 HidUsb - ok 11:15:12.0750 3744 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 11:15:12.0826 3744 HpSAMD - ok 11:15:12.0923 3744 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 11:15:12.0986 3744 HTTP - ok 11:15:13.0058 3744 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 11:15:13.0071 3744 hwpolicy - ok 11:15:13.0132 3744 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 11:15:13.0196 3744 i8042prt - ok 11:15:13.0257 3744 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 11:15:13.0291 3744 iaStorV - ok 11:15:13.0344 3744 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 11:15:13.0385 3744 iirsp - ok 11:15:13.0534 3744 IntcAzAudAddService (0a0e3c041c20c4175e1cc6580138ca38) C:\Windows\system32\drivers\RTKVHDA.sys 11:15:13.0765 3744 IntcAzAudAddService - ok 11:15:13.0806 3744 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 11:15:13.0849 3744 intelide - ok 11:15:13.0900 3744 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 11:15:13.0943 3744 intelppm - ok 11:15:13.0977 3744 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:15:14.0060 3744 IpFilterDriver - ok 11:15:14.0127 3744 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 11:15:14.0151 3744 IPMIDRV - ok 11:15:14.0185 3744 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 11:15:14.0238 3744 IPNAT - ok 11:15:14.0281 3744 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 11:15:14.0333 3744 IRENUM - ok 11:15:14.0390 3744 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 11:15:14.0410 3744 isapnp - ok 11:15:14.0469 3744 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 11:15:14.0516 3744 iScsiPrt - ok 11:15:14.0572 3744 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 11:15:14.0616 3744 kbdclass - ok 11:15:14.0680 3744 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 11:15:14.0746 3744 kbdhid - ok 11:15:14.0803 3744 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 11:15:14.0856 3744 KSecDD - ok 11:15:14.0899 3744 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 11:15:14.0945 3744 KSecPkg - ok 11:15:15.0015 3744 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 11:15:15.0067 3744 lltdio - ok 11:15:15.0120 3744 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 11:15:15.0162 3744 LSI_FC - ok 11:15:15.0202 3744 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 11:15:15.0250 3744 LSI_SAS - ok 11:15:15.0265 3744 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 11:15:15.0300 3744 LSI_SAS2 - ok 11:15:15.0334 3744 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 11:15:15.0375 3744 LSI_SCSI - ok 11:15:15.0434 3744 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 11:15:15.0552 3744 luafv - ok 11:15:15.0617 3744 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys 11:15:15.0636 3744 MBAMProtector - ok 11:15:15.0679 3744 MBAMSwissArmy - ok 11:15:15.0723 3744 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 11:15:15.0762 3744 megasas - ok 11:15:15.0816 3744 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 11:15:15.0865 3744 MegaSR - ok 11:15:15.0907 3744 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 11:15:15.0962 3744 Modem - ok 11:15:15.0998 3744 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 11:15:16.0031 3744 monitor - ok 11:15:16.0084 3744 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 11:15:16.0127 3744 mouclass - ok 11:15:16.0171 3744 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 11:15:16.0203 3744 mouhid - ok 11:15:16.0261 3744 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 11:15:16.0276 3744 mountmgr - ok 11:15:16.0327 3744 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 11:15:16.0372 3744 mpio - ok 11:15:16.0405 3744 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 11:15:16.0496 3744 mpsdrv - ok 11:15:16.0553 3744 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 11:15:16.0667 3744 MRxDAV - ok 11:15:16.0747 3744 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:15:16.0793 3744 mrxsmb - ok 11:15:16.0856 3744 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:15:16.0918 3744 mrxsmb10 - ok 11:15:16.0958 3744 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:15:17.0023 3744 mrxsmb20 - ok 11:15:17.0067 3744 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 11:15:17.0109 3744 msahci - ok 11:15:17.0157 3744 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 11:15:17.0205 3744 msdsm - ok 11:15:17.0269 3744 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 11:15:17.0328 3744 Msfs - ok 11:15:17.0373 3744 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 11:15:17.0426 3744 mshidkmdf - ok 11:15:17.0482 3744 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 11:15:17.0501 3744 msisadrv - ok 11:15:17.0568 3744 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 11:15:17.0650 3744 MSKSSRV - ok 11:15:17.0665 3744 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 11:15:17.0739 3744 MSPCLOCK - ok 11:15:17.0764 3744 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 11:15:17.0842 3744 MSPQM - ok 11:15:17.0869 3744 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 11:15:17.0893 3744 MsRPC - ok 11:15:17.0942 3744 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 11:15:17.0955 3744 mssmbios - ok 11:15:17.0982 3744 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 11:15:18.0037 3744 MSTEE - ok 11:15:18.0070 3744 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 11:15:18.0132 3744 MTConfig - ok 11:15:18.0157 3744 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 11:15:18.0196 3744 Mup - ok 11:15:18.0244 3744 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 11:15:18.0306 3744 NativeWifiP - ok 11:15:18.0374 3744 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 11:15:18.0407 3744 NDIS - ok 11:15:18.0450 3744 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 11:15:18.0533 3744 NdisCap - ok 11:15:18.0560 3744 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 11:15:18.0639 3744 NdisTapi - ok 11:15:18.0700 3744 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 11:15:18.0754 3744 Ndisuio - ok 11:15:18.0804 3744 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 11:15:18.0884 3744 NdisWan - ok 11:15:18.0939 3744 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 11:15:19.0016 3744 NDProxy - ok 11:15:19.0070 3744 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 11:15:19.0188 3744 NetBIOS - ok 11:15:19.0245 3744 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 11:15:19.0297 3744 NetBT - ok 11:15:19.0363 3744 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 11:15:19.0411 3744 nfrd960 - ok 11:15:19.0454 3744 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 11:15:19.0539 3744 Npfs - ok 11:15:19.0571 3744 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 11:15:19.0614 3744 nsiproxy - ok 11:15:19.0702 3744 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 11:15:19.0801 3744 Ntfs - ok 11:15:19.0826 3744 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 11:15:19.0902 3744 Null - ok 11:15:19.0960 3744 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys 11:15:20.0027 3744 NVENETFD - ok 11:15:20.0286 3744 nvlddmkm (fe6bebb8fc2a1e50426624025d7c30d6) C:\Windows\system32\DRIVERS\nvlddmkm.sys 11:15:20.0827 3744 nvlddmkm - ok 11:15:20.0966 3744 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 11:15:20.0989 3744 nvraid - ok 11:15:21.0055 3744 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys 11:15:21.0098 3744 nvsmu - ok 11:15:21.0151 3744 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 11:15:21.0197 3744 nvstor - ok 11:15:21.0241 3744 nvstor32 (2bb068c7600c206372d8269be74c67bb) C:\Windows\system32\DRIVERS\nvstor32.sys 11:15:21.0251 3744 nvstor32 - ok 11:15:21.0297 3744 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 11:15:21.0339 3744 nv_agp - ok 11:15:21.0402 3744 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 11:15:21.0444 3744 ohci1394 - ok 11:15:21.0491 3744 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 11:15:21.0555 3744 Parport - ok 11:15:21.0615 3744 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 11:15:21.0638 3744 partmgr - ok 11:15:21.0669 3744 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 11:15:21.0725 3744 Parvdm - ok 11:15:21.0780 3744 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 11:15:21.0833 3744 pci - ok 11:15:21.0870 3744 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 11:15:21.0915 3744 pciide - ok 11:15:21.0954 3744 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 11:15:21.0982 3744 pcmcia - ok 11:15:22.0073 3744 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys 11:15:22.0149 3744 pcouffin - ok 11:15:22.0195 3744 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 11:15:22.0233 3744 pcw - ok 11:15:22.0290 3744 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 11:15:22.0408 3744 PEAUTH - ok 11:15:22.0491 3744 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 11:15:22.0549 3744 PptpMiniport - ok 11:15:22.0576 3744 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 11:15:22.0645 3744 Processor - ok 11:15:22.0698 3744 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 11:15:22.0764 3744 Psched - ok 11:15:22.0829 3744 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 11:15:22.0949 3744 ql2300 - ok 11:15:22.0979 3744 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 11:15:23.0020 3744 ql40xx - ok 11:15:23.0063 3744 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 11:15:23.0109 3744 QWAVEdrv - ok 11:15:23.0139 3744 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 11:15:23.0227 3744 RasAcd - ok 11:15:23.0276 3744 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 11:15:23.0357 3744 RasAgileVpn - ok 11:15:23.0395 3744 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:15:23.0482 3744 Rasl2tp - ok 11:15:23.0536 3744 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 11:15:23.0623 3744 RasPppoe - ok 11:15:23.0654 3744 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 11:15:23.0738 3744 RasSstp - ok 11:15:23.0787 3744 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 11:15:23.0889 3744 rdbss - ok 11:15:23.0904 3744 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 11:15:23.0955 3744 rdpbus - ok 11:15:23.0998 3744 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:15:24.0062 3744 RDPCDD - ok 11:15:24.0115 3744 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 11:15:24.0152 3744 RDPDR - ok 11:15:24.0191 3744 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 11:15:24.0238 3744 RDPENCDD - ok 11:15:24.0263 3744 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 11:15:24.0311 3744 RDPREFMP - ok 11:15:24.0391 3744 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 11:15:24.0469 3744 RdpVideoMiniport - ok 11:15:24.0519 3744 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 11:15:24.0569 3744 RDPWD - ok 11:15:24.0648 3744 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 11:15:24.0740 3744 rdyboost - ok 11:15:24.0878 3744 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys 11:15:24.0972 3744 RimUsb - ok 11:15:25.0058 3744 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys 11:15:25.0163 3744 RimVSerPort - ok 11:15:25.0221 3744 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys 11:15:25.0351 3744 ROOTMODEM - ok 11:15:25.0424 3744 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 11:15:25.0573 3744 rspndr - ok 11:15:25.0615 3744 RTSTOR (6e7f2054faedbe766034aa8a185213ec) C:\Windows\system32\drivers\RTSTOR.SYS 11:15:25.0679 3744 RTSTOR - ok 11:15:25.0740 3744 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 11:15:25.0835 3744 s3cap - ok 11:15:25.0905 3744 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 11:15:25.0983 3744 sbp2port - ok 11:15:26.0051 3744 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 11:15:26.0202 3744 scfilter - ok 11:15:26.0341 3744 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 11:15:26.0453 3744 secdrv - ok 11:15:26.0526 3744 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 11:15:26.0613 3744 Serenum - ok 11:15:26.0659 3744 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 11:15:26.0773 3744 Serial - ok 11:15:26.0836 3744 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 11:15:26.0891 3744 sermouse - ok 11:15:26.0979 3744 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 11:15:27.0086 3744 sffdisk - ok 11:15:27.0123 3744 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 11:15:27.0250 3744 sffp_mmc - ok 11:15:27.0275 3744 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 11:15:27.0398 3744 sffp_sd - ok 11:15:27.0456 3744 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 11:15:27.0553 3744 sfloppy - ok 11:15:27.0652 3744 SIS163u (370ed82428657a2344aba98a76c06250) C:\Windows\system32\DRIVERS\sis163u.sys 11:15:27.0775 3744 SIS163u - ok 11:15:27.0854 3744 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 11:15:27.0939 3744 sisagp - ok 11:15:28.0006 3744 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 11:15:28.0112 3744 SiSRaid2 - ok 11:15:28.0167 3744 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 11:15:28.0219 3744 SiSRaid4 - ok 11:15:28.0267 3744 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 11:15:28.0397 3744 Smb - ok 11:15:28.0537 3744 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 11:15:28.0608 3744 spldr - ok 11:15:28.0762 3744 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys 11:15:28.0763 3744 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9 11:15:28.0769 3744 sptd ( LockedFile.Multi.Generic ) - warning 11:15:28.0770 3744 sptd - detected LockedFile.Multi.Generic (1) 11:15:28.0852 3744 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 11:15:28.0987 3744 srv - ok 11:15:29.0059 3744 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 11:15:29.0220 3744 srv2 - ok 11:15:29.0286 3744 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 11:15:29.0401 3744 SrvHsfHDA - ok 11:15:29.0476 3744 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 11:15:29.0704 3744 SrvHsfV92 - ok 11:15:29.0769 3744 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 11:15:29.0927 3744 SrvHsfWinac - ok 11:15:29.0985 3744 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 11:15:30.0115 3744 srvnet - ok 11:15:30.0246 3744 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 11:15:30.0313 3744 ssmdrv - ok 11:15:30.0375 3744 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 11:15:30.0441 3744 stexstor - ok 11:15:30.0528 3744 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 11:15:30.0595 3744 storflt - ok 11:15:30.0651 3744 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 11:15:30.0701 3744 storvsc - ok 11:15:30.0866 3744 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 11:15:30.0978 3744 swenum - ok 11:15:31.0081 3744 Synth3dVsc - ok 11:15:31.0242 3744 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys 11:15:31.0502 3744 Tcpip - ok 11:15:31.0582 3744 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys 11:15:31.0673 3744 TCPIP6 - ok 11:15:31.0754 3744 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 11:15:31.0886 3744 tcpipreg - ok 11:15:31.0960 3744 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 11:15:32.0081 3744 TDPIPE - ok 11:15:32.0145 3744 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 11:15:32.0251 3744 TDTCP - ok 11:15:32.0324 3744 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 11:15:32.0542 3744 tdx - ok 11:15:32.0677 3744 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 11:15:32.0729 3744 TermDD - ok 11:15:32.0857 3744 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:15:33.0017 3744 tssecsrv - ok 11:15:33.0104 3744 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 11:15:33.0198 3744 TsUsbFlt - ok 11:15:33.0218 3744 tsusbhub - ok 11:15:33.0308 3744 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 11:15:33.0411 3744 tunnel - ok 11:15:33.0461 3744 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 11:15:33.0525 3744 uagp35 - ok 11:15:33.0613 3744 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 11:15:33.0749 3744 udfs - ok 11:15:33.0856 3744 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 11:15:33.0908 3744 uliagpkx - ok 11:15:33.0977 3744 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 11:15:34.0056 3744 umbus - ok 11:15:34.0111 3744 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 11:15:34.0206 3744 UmPass - ok 11:15:34.0288 3744 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 11:15:34.0402 3744 usbccgp - ok 11:15:34.0479 3744 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 11:15:34.0554 3744 usbcir - ok 11:15:34.0589 3744 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 11:15:34.0738 3744 usbehci - ok 11:15:34.0810 3744 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 11:15:34.0978 3744 usbhub - ok 11:15:35.0007 3744 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 11:15:35.0102 3744 usbohci - ok 11:15:35.0184 3744 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 11:15:35.0354 3744 usbprint - ok 11:15:35.0440 3744 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 11:15:35.0579 3744 usbscan - ok 11:15:35.0644 3744 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:15:35.0772 3744 USBSTOR - ok 11:15:35.0838 3744 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 11:15:35.0911 3744 usbuhci - ok 11:15:35.0989 3744 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 11:15:36.0037 3744 vdrvroot - ok 11:15:36.0101 3744 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 11:15:36.0198 3744 vga - ok 11:15:36.0239 3744 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 11:15:36.0341 3744 VgaSave - ok 11:15:36.0381 3744 VGPU - ok 11:15:36.0469 3744 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 11:15:36.0539 3744 vhdmp - ok 11:15:36.0614 3744 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 11:15:36.0670 3744 viaagp - ok 11:15:36.0714 3744 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 11:15:36.0821 3744 ViaC7 - ok 11:15:36.0873 3744 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 11:15:36.0936 3744 viaide - ok 11:15:37.0001 3744 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 11:15:37.0069 3744 vmbus - ok 11:15:37.0120 3744 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 11:15:37.0226 3744 VMBusHID - ok 11:15:37.0264 3744 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 11:15:37.0345 3744 volmgr - ok 11:15:37.0410 3744 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 11:15:37.0468 3744 volmgrx - ok 11:15:37.0564 3744 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 11:15:37.0666 3744 volsnap - ok 11:15:37.0730 3744 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 11:15:37.0809 3744 vsmraid - ok 11:15:37.0854 3744 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 11:15:37.0958 3744 vwifibus - ok 11:15:38.0019 3744 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 11:15:38.0160 3744 WacomPen - ok 11:15:38.0252 3744 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 11:15:38.0462 3744 WANARP - ok 11:15:38.0487 3744 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 11:15:38.0579 3744 Wanarpv6 - ok 11:15:38.0691 3744 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 11:15:38.0814 3744 Wd - ok 11:15:38.0891 3744 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 11:15:39.0117 3744 Wdf01000 - ok 11:15:39.0332 3744 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 11:15:39.0542 3744 WfpLwf - ok 11:15:39.0624 3744 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 11:15:39.0659 3744 WIMMount - ok 11:15:39.0789 3744 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 11:15:39.0862 3744 WmiAcpi - ok 11:15:39.0920 3744 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 11:15:40.0005 3744 ws2ifsl - ok 11:15:40.0072 3744 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 11:15:40.0155 3744 WudfPf - ok 11:15:40.0213 3744 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:15:40.0256 3744 WUDFRd - ok 11:15:40.0324 3744 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 11:15:40.0704 3744 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 11:15:40.0704 3744 \Device\Harddisk0\DR0 - detected TDSS File System (1) 11:15:40.0709 3744 Boot (0x1200) (94ececeb7416306e4008fbb6bcfda31d) \Device\Harddisk0\DR0\Partition0 11:15:40.0710 3744 \Device\Harddisk0\DR0\Partition0 - ok 11:15:40.0747 3744 Boot (0x1200) (a97b6b34d574a115d613f6a6afd04130) \Device\Harddisk0\DR0\Partition1 11:15:40.0748 3744 \Device\Harddisk0\DR0\Partition1 - ok 11:15:40.0748 3744 ============================================================ 11:15:40.0748 3744 Scan finished 11:15:40.0748 3744 ============================================================ 11:15:40.0768 2448 Detected object count: 2 11:15:40.0768 2448 Actual detected object count: 2 11:15:59.0221 2448 sptd ( LockedFile.Multi.Generic ) - skipped by user 11:15:59.0222 2448 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 11:15:59.0230 2448 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 11:15:59.0231 2448 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
|
30.10.2011, 18:09
| #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Facebook-VirusZitat:
__________________ |
|
30.10.2011, 19:28
| #18 |
| | Facebook-Virus 19:25:41.0505 3532 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
__________________19:25:41.0770 3532 ============================================================ 19:25:41.0770 3532 Current date / time: 2011/10/30 19:25:41.0770 19:25:41.0770 3532 SystemInfo: 19:25:41.0770 3532 19:25:41.0770 3532 OS Version: 6.1.7601 ServicePack: 1.0 19:25:41.0770 3532 Product type: Workstation 19:25:41.0770 3532 ComputerName: B4RKEEPER-PC 19:25:41.0770 3532 UserName: B4rkeeper 19:25:41.0770 3532 Windows directory: C:\Windows 19:25:41.0770 3532 System windows directory: C:\Windows 19:25:41.0770 3532 Processor architecture: Intel x86 19:25:41.0770 3532 Number of processors: 2 19:25:41.0770 3532 Page size: 0x1000 19:25:41.0770 3532 Boot type: Normal boot 19:25:41.0770 3532 ============================================================ 19:25:43.0003 3532 Initialize success 19:25:51.0146 2440 ============================================================ 19:25:51.0146 2440 Scan started 19:25:51.0146 2440 Mode: Manual; SigCheck; TDLFS; 19:25:51.0146 2440 ============================================================ 19:25:51.0941 2440 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 19:25:52.0238 2440 1394ohci - ok 19:25:52.0643 2440 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 19:25:52.0706 2440 ACPI - ok 19:25:52.0862 2440 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 19:25:52.0971 2440 AcpiPmi - ok 19:25:53.0174 2440 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 19:25:53.0283 2440 adp94xx - ok 19:25:53.0377 2440 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 19:25:53.0439 2440 adpahci - ok 19:25:53.0501 2440 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 19:25:53.0564 2440 adpu320 - ok 19:25:53.0798 2440 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 19:25:53.0954 2440 AFD - ok 19:25:54.0016 2440 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 19:25:54.0079 2440 agp440 - ok 19:25:54.0141 2440 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 19:25:54.0203 2440 aic78xx - ok 19:25:54.0281 2440 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 19:25:54.0375 2440 aliide - ok 19:25:54.0406 2440 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 19:25:54.0500 2440 amdagp - ok 19:25:54.0547 2440 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 19:25:54.0609 2440 amdide - ok 19:25:54.0703 2440 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 19:25:55.0061 2440 AmdK8 - ok 19:25:55.0171 2440 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 19:25:55.0264 2440 AmdPPM - ok 19:25:55.0342 2440 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 19:25:55.0451 2440 amdsata - ok 19:25:55.0498 2440 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 19:25:55.0607 2440 amdsbs - ok 19:25:55.0732 2440 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 19:25:55.0826 2440 amdxata - ok 19:25:56.0200 2440 ApfiltrService (441b46afdea05fd8436f680eb41c4190) C:\Windows\system32\DRIVERS\Apfiltr.sys 19:25:56.0278 2440 ApfiltrService - ok 19:25:57.0277 2440 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 19:25:57.0448 2440 AppID - ok 19:25:58.0135 2440 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 19:25:58.0306 2440 arc - ok 19:25:58.0415 2440 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 19:25:58.0478 2440 arcsas - ok 19:25:58.0525 2440 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 19:25:58.0774 2440 AsyncMac - ok 19:25:58.0915 2440 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 19:25:58.0946 2440 atapi - ok 19:25:59.0086 2440 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys 19:25:59.0227 2440 avgntflt - ok 19:26:00.0007 2440 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\Windows\system32\DRIVERS\avipbb.sys 19:26:00.0069 2440 avipbb - ok 19:26:00.0537 2440 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys 19:26:00.0584 2440 avkmgr - ok 19:26:02.0391 2440 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 19:26:03.0396 2440 b06bdrv - ok 19:26:04.0327 2440 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 19:26:04.0393 2440 b57nd60x - ok 19:26:04.0810 2440 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 19:26:04.0945 2440 Beep - ok 19:26:05.0157 2440 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 19:26:05.0254 2440 blbdrive - ok 19:26:05.0493 2440 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 19:26:05.0562 2440 bowser - ok 19:26:05.0723 2440 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:26:05.0895 2440 BrFiltLo - ok 19:26:06.0070 2440 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:26:06.0120 2440 BrFiltUp - ok 19:26:06.0331 2440 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 19:26:06.0527 2440 Brserid - ok 19:26:06.0794 2440 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 19:26:06.0870 2440 BrSerWdm - ok 19:26:06.0958 2440 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 19:26:07.0023 2440 BrUsbMdm - ok 19:26:07.0076 2440 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 19:26:07.0119 2440 BrUsbSer - ok 19:26:07.0154 2440 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 19:26:07.0238 2440 BTHMODEM - ok 19:26:07.0725 2440 Cam5603D (eb5121a90c1e6859ed0ba2f60b8993bb) C:\Windows\system32\Drivers\BisonCam.sys 19:26:07.0796 2440 Cam5603D - ok 19:26:08.0054 2440 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 19:26:08.0114 2440 cdfs - ok 19:26:08.0289 2440 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 19:26:08.0331 2440 cdrom - ok 19:26:08.0419 2440 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 19:26:08.0544 2440 circlass - ok 19:26:08.0685 2440 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 19:26:08.0731 2440 CLFS - ok 19:26:08.0825 2440 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 19:26:08.0856 2440 CmBatt - ok 19:26:08.0919 2440 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 19:26:08.0934 2440 cmdide - ok 19:26:08.0997 2440 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 19:26:09.0059 2440 CNG - ok 19:26:09.0153 2440 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 19:26:09.0168 2440 Compbatt - ok 19:26:09.0246 2440 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 19:26:09.0293 2440 CompositeBus - ok 19:26:09.0340 2440 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 19:26:09.0355 2440 crcdisk - ok 19:26:09.0480 2440 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 19:26:09.0558 2440 CSC - ok 19:26:09.0683 2440 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 19:26:09.0761 2440 DfsC - ok 19:26:09.0792 2440 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 19:26:09.0839 2440 discache - ok 19:26:09.0870 2440 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 19:26:09.0901 2440 Disk - ok 19:26:09.0964 2440 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 19:26:09.0979 2440 drmkaud - ok 19:26:10.0057 2440 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 19:26:10.0104 2440 DXGKrnl - ok 19:26:10.0229 2440 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 19:26:10.0401 2440 ebdrv - ok 19:26:10.0463 2440 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 19:26:10.0494 2440 elxstor - ok 19:26:10.0557 2440 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 19:26:10.0588 2440 ErrDev - ok 19:26:10.0697 2440 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 19:26:10.0759 2440 exfat - ok 19:26:10.0791 2440 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 19:26:10.0837 2440 fastfat - ok 19:26:10.0884 2440 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 19:26:10.0915 2440 fdc - ok 19:26:10.0962 2440 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 19:26:10.0978 2440 FileInfo - ok 19:26:11.0009 2440 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 19:26:11.0071 2440 Filetrace - ok 19:26:11.0118 2440 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 19:26:11.0149 2440 flpydisk - ok 19:26:11.0212 2440 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 19:26:11.0243 2440 FltMgr - ok 19:26:11.0290 2440 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 19:26:11.0305 2440 FsDepends - ok 19:26:11.0352 2440 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 19:26:11.0368 2440 Fs_Rec - ok 19:26:11.0446 2440 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 19:26:11.0477 2440 fvevol - ok 19:26:11.0555 2440 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 19:26:11.0571 2440 gagp30kx - ok 19:26:11.0758 2440 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 19:26:11.0820 2440 hcw85cir - ok 19:26:11.0883 2440 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 19:26:11.0945 2440 HdAudAddService - ok 19:26:12.0023 2440 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 19:26:12.0070 2440 HDAudBus - ok 19:26:12.0101 2440 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 19:26:12.0132 2440 HidBatt - ok 19:26:12.0163 2440 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 19:26:12.0210 2440 HidBth - ok 19:26:12.0241 2440 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 19:26:12.0288 2440 HidIr - ok 19:26:12.0351 2440 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 19:26:12.0366 2440 HidUsb - ok 19:26:12.0444 2440 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 19:26:12.0475 2440 HpSAMD - ok 19:26:12.0553 2440 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 19:26:12.0694 2440 HTTP - ok 19:26:12.0741 2440 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 19:26:12.0756 2440 hwpolicy - ok 19:26:12.0819 2440 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 19:26:12.0865 2440 i8042prt - ok 19:26:12.0912 2440 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 19:26:12.0959 2440 iaStorV - ok 19:26:13.0021 2440 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 19:26:13.0037 2440 iirsp - ok 19:26:13.0224 2440 IntcAzAudAddService (0a0e3c041c20c4175e1cc6580138ca38) C:\Windows\system32\drivers\RTKVHDA.sys 19:26:13.0318 2440 IntcAzAudAddService - ok 19:26:13.0365 2440 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 19:26:13.0380 2440 intelide - ok 19:26:13.0411 2440 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 19:26:13.0443 2440 intelppm - ok 19:26:13.0474 2440 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:26:13.0536 2440 IpFilterDriver - ok 19:26:13.0599 2440 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 19:26:13.0661 2440 IPMIDRV - ok 19:26:13.0708 2440 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 19:26:13.0770 2440 IPNAT - ok 19:26:13.0817 2440 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 19:26:13.0864 2440 IRENUM - ok 19:26:13.0926 2440 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 19:26:13.0942 2440 isapnp - ok 19:26:14.0004 2440 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 19:26:14.0035 2440 iScsiPrt - ok 19:26:14.0082 2440 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 19:26:14.0098 2440 kbdclass - ok 19:26:14.0160 2440 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 19:26:14.0191 2440 kbdhid - ok 19:26:14.0254 2440 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 19:26:14.0269 2440 KSecDD - ok 19:26:14.0301 2440 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 19:26:14.0332 2440 KSecPkg - ok 19:26:14.0394 2440 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 19:26:14.0457 2440 lltdio - ok 19:26:14.0503 2440 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 19:26:14.0535 2440 LSI_FC - ok 19:26:14.0550 2440 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 19:26:14.0581 2440 LSI_SAS - ok 19:26:14.0628 2440 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:26:14.0659 2440 LSI_SAS2 - ok 19:26:14.0691 2440 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:26:14.0722 2440 LSI_SCSI - ok 19:26:14.0769 2440 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 19:26:14.0831 2440 luafv - ok 19:26:14.0893 2440 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys 19:26:14.0909 2440 MBAMProtector - ok 19:26:14.0956 2440 MBAMSwissArmy - ok 19:26:15.0034 2440 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 19:26:15.0049 2440 megasas - ok 19:26:15.0096 2440 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 19:26:15.0143 2440 MegaSR - ok 19:26:15.0205 2440 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 19:26:15.0252 2440 Modem - ok 19:26:15.0299 2440 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 19:26:15.0330 2440 monitor - ok 19:26:15.0377 2440 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 19:26:15.0408 2440 mouclass - ok 19:26:15.0439 2440 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 19:26:15.0471 2440 mouhid - ok 19:26:15.0517 2440 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 19:26:15.0549 2440 mountmgr - ok 19:26:15.0642 2440 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 19:26:15.0658 2440 mpio - ok 19:26:15.0705 2440 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 19:26:15.0767 2440 mpsdrv - ok 19:26:15.0814 2440 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 19:26:15.0892 2440 MRxDAV - ok 19:26:15.0970 2440 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 19:26:16.0017 2440 mrxsmb - ok 19:26:16.0079 2440 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:26:16.0141 2440 mrxsmb10 - ok 19:26:16.0173 2440 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:26:16.0204 2440 mrxsmb20 - ok 19:26:16.0266 2440 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 19:26:16.0282 2440 msahci - ok 19:26:16.0344 2440 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 19:26:16.0375 2440 msdsm - ok 19:26:16.0438 2440 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 19:26:16.0469 2440 Msfs - ok 19:26:16.0500 2440 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 19:26:16.0547 2440 mshidkmdf - ok 19:26:16.0594 2440 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 19:26:16.0641 2440 msisadrv - ok 19:26:16.0703 2440 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 19:26:16.0765 2440 MSKSSRV - ok 19:26:16.0765 2440 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 19:26:16.0812 2440 MSPCLOCK - ok 19:26:16.0843 2440 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 19:26:16.0890 2440 MSPQM - ok 19:26:16.0906 2440 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 19:26:16.0937 2440 MsRPC - ok 19:26:16.0968 2440 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 19:26:16.0984 2440 mssmbios - ok 19:26:17.0015 2440 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 19:26:17.0062 2440 MSTEE - ok 19:26:17.0093 2440 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 19:26:17.0109 2440 MTConfig - ok 19:26:17.0140 2440 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 19:26:17.0171 2440 Mup - ok 19:26:17.0218 2440 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 19:26:17.0249 2440 NativeWifiP - ok 19:26:17.0343 2440 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 19:26:17.0421 2440 NDIS - ok 19:26:17.0452 2440 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 19:26:17.0499 2440 NdisCap - ok 19:26:17.0530 2440 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 19:26:17.0577 2440 NdisTapi - ok 19:26:17.0686 2440 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 19:26:17.0748 2440 Ndisuio - ok 19:26:17.0795 2440 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 19:26:17.0842 2440 NdisWan - ok 19:26:17.0904 2440 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 19:26:17.0951 2440 NDProxy - ok 19:26:18.0013 2440 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 19:26:18.0107 2440 NetBIOS - ok 19:26:18.0169 2440 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 19:26:18.0232 2440 NetBT - ok 19:26:18.0294 2440 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 19:26:18.0310 2440 nfrd960 - ok 19:26:18.0357 2440 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 19:26:18.0403 2440 Npfs - ok 19:26:18.0435 2440 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 19:26:18.0481 2440 nsiproxy - ok 19:26:18.0591 2440 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 19:26:18.0762 2440 Ntfs - ok 19:26:18.0778 2440 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 19:26:18.0840 2440 Null - ok 19:26:18.0903 2440 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys 19:26:18.0965 2440 NVENETFD - ok 19:26:19.0293 2440 nvlddmkm (fe6bebb8fc2a1e50426624025d7c30d6) C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:26:19.0963 2440 nvlddmkm - ok 19:26:20.0104 2440 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 19:26:20.0151 2440 nvraid - ok 19:26:20.0213 2440 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys 19:26:20.0291 2440 nvsmu - ok 19:26:20.0353 2440 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 19:26:20.0400 2440 nvstor - ok 19:26:20.0447 2440 nvstor32 (2bb068c7600c206372d8269be74c67bb) C:\Windows\system32\DRIVERS\nvstor32.sys 19:26:20.0478 2440 nvstor32 - ok 19:26:20.0525 2440 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 19:26:20.0572 2440 nv_agp - ok 19:26:20.0650 2440 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 19:26:20.0712 2440 ohci1394 - ok 19:26:20.0806 2440 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 19:26:20.0868 2440 Parport - ok 19:26:20.0931 2440 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 19:26:20.0977 2440 partmgr - ok 19:26:21.0024 2440 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 19:26:21.0102 2440 Parvdm - ok 19:26:21.0180 2440 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 19:26:21.0243 2440 pci - ok 19:26:21.0274 2440 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 19:26:21.0321 2440 pciide - ok 19:26:21.0367 2440 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 19:26:21.0430 2440 pcmcia - ok 19:26:21.0508 2440 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys 19:26:21.0601 2440 pcouffin - ok 19:26:21.0664 2440 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 19:26:21.0711 2440 pcw - ok 19:26:21.0773 2440 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 19:26:21.0960 2440 PEAUTH - ok 19:26:22.0147 2440 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 19:26:22.0257 2440 PptpMiniport - ok 19:26:22.0288 2440 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 19:26:22.0366 2440 Processor - ok 19:26:22.0444 2440 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 19:26:22.0569 2440 Psched - ok 19:26:22.0725 2440 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 19:26:22.0912 2440 ql2300 - ok 19:26:22.0943 2440 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 19:26:23.0005 2440 ql40xx - ok 19:26:23.0052 2440 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 19:26:23.0099 2440 QWAVEdrv - ok 19:26:23.0130 2440 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 19:26:23.0239 2440 RasAcd - ok 19:26:23.0302 2440 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 19:26:23.0395 2440 RasAgileVpn - ok 19:26:23.0442 2440 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:26:23.0567 2440 Rasl2tp - ok 19:26:23.0676 2440 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 19:26:23.0801 2440 RasPppoe - ok 19:26:23.0832 2440 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 19:26:23.0941 2440 RasSstp - ok 19:26:24.0035 2440 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 19:26:24.0144 2440 rdbss - ok 19:26:24.0175 2440 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 19:26:24.0222 2440 rdpbus - ok 19:26:24.0285 2440 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:26:24.0409 2440 RDPCDD - ok 19:26:24.0472 2440 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 19:26:24.0565 2440 RDPDR - ok 19:26:24.0597 2440 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 19:26:24.0737 2440 RDPENCDD - ok 19:26:24.0784 2440 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 19:26:24.0877 2440 RDPREFMP - ok 19:26:24.0955 2440 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 19:26:25.0049 2440 RdpVideoMiniport - ok 19:26:25.0143 2440 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 19:26:25.0236 2440 RDPWD - ok 19:26:25.0314 2440 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 19:26:25.0377 2440 rdyboost - ok 19:26:25.0501 2440 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys 19:26:25.0564 2440 RimUsb - ok 19:26:25.0704 2440 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys 19:26:25.0767 2440 RimVSerPort - ok 19:26:25.0829 2440 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys 19:26:25.0938 2440 ROOTMODEM - ok 19:26:26.0016 2440 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 19:26:26.0125 2440 rspndr - ok 19:26:26.0188 2440 RTSTOR (6e7f2054faedbe766034aa8a185213ec) C:\Windows\system32\drivers\RTSTOR.SYS 19:26:26.0235 2440 RTSTOR - ok 19:26:26.0297 2440 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 19:26:26.0375 2440 s3cap - ok 19:26:26.0453 2440 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 19:26:26.0515 2440 sbp2port - ok 19:26:26.0578 2440 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 19:26:26.0718 2440 scfilter - ok 19:26:26.0827 2440 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 19:26:26.0937 2440 secdrv - ok 19:26:27.0015 2440 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 19:26:27.0061 2440 Serenum - ok 19:26:27.0093 2440 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 19:26:27.0171 2440 Serial - ok 19:26:27.0217 2440 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 19:26:27.0280 2440 sermouse - ok 19:26:27.0358 2440 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 19:26:27.0420 2440 sffdisk - ok 19:26:27.0467 2440 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 19:26:27.0529 2440 sffp_mmc - ok 19:26:27.0545 2440 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 19:26:27.0623 2440 sffp_sd - ok 19:26:27.0701 2440 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 19:26:27.0763 2440 sfloppy - ok 19:26:27.0857 2440 SIS163u (370ed82428657a2344aba98a76c06250) C:\Windows\system32\DRIVERS\sis163u.sys 19:26:27.0951 2440 SIS163u - ok 19:26:27.0997 2440 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 19:26:28.0060 2440 sisagp - ok 19:26:28.0153 2440 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:26:28.0200 2440 SiSRaid2 - ok 19:26:28.0247 2440 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 19:26:28.0309 2440 SiSRaid4 - ok 19:26:28.0372 2440 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 19:26:28.0481 2440 Smb - ok 19:26:28.0590 2440 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 19:26:28.0668 2440 spldr - ok 19:26:28.0809 2440 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 19:26:28.0933 2440 srv - ok 19:26:29.0011 2440 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 19:26:29.0121 2440 srv2 - ok 19:26:29.0183 2440 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 19:26:29.0261 2440 SrvHsfHDA - ok 19:26:29.0339 2440 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 19:26:29.0495 2440 SrvHsfV92 - ok 19:26:29.0557 2440 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 19:26:29.0698 2440 SrvHsfWinac - ok 19:26:29.0760 2440 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 19:26:29.0823 2440 srvnet - ok 19:26:29.0916 2440 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 19:26:29.0963 2440 ssmdrv - ok 19:26:30.0025 2440 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 19:26:30.0072 2440 stexstor - ok 19:26:30.0150 2440 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 19:26:30.0213 2440 storflt - ok 19:26:30.0244 2440 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 19:26:30.0291 2440 storvsc - ok 19:26:30.0353 2440 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 19:26:30.0384 2440 swenum - ok 19:26:30.0447 2440 Synth3dVsc - ok 19:26:30.0696 2440 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys 19:26:30.0868 2440 Tcpip - ok 19:26:30.0946 2440 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys 19:26:31.0039 2440 TCPIP6 - ok 19:26:31.0117 2440 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 19:26:31.0227 2440 tcpipreg - ok 19:26:31.0305 2440 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 19:26:31.0398 2440 TDPIPE - ok 19:26:31.0429 2440 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 19:26:31.0539 2440 TDTCP - ok 19:26:31.0632 2440 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 19:26:31.0741 2440 tdx - ok 19:26:31.0835 2440 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 19:26:31.0882 2440 TermDD - ok 19:26:32.0007 2440 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:26:32.0100 2440 tssecsrv - ok 19:26:32.0194 2440 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 19:26:32.0287 2440 TsUsbFlt - ok 19:26:32.0303 2440 tsusbhub - ok 19:26:32.0397 2440 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 19:26:32.0506 2440 tunnel - ok 19:26:32.0553 2440 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 19:26:32.0599 2440 uagp35 - ok 19:26:32.0693 2440 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 19:26:32.0818 2440 udfs - ok 19:26:32.0927 2440 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 19:26:32.0974 2440 uliagpkx - ok 19:26:33.0067 2440 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 19:26:33.0114 2440 umbus - ok 19:26:33.0161 2440 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 19:26:33.0223 2440 UmPass - ok 19:26:33.0286 2440 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 19:26:33.0379 2440 usbccgp - ok 19:26:33.0426 2440 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 19:26:33.0504 2440 usbcir - ok 19:26:33.0551 2440 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 19:26:33.0629 2440 usbehci - ok 19:26:33.0707 2440 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 19:26:33.0785 2440 usbhub - ok 19:26:33.0832 2440 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 19:26:33.0879 2440 usbohci - ok 19:26:33.0925 2440 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 19:26:33.0972 2440 usbprint - ok 19:26:34.0019 2440 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 19:26:34.0066 2440 usbscan - ok 19:26:34.0113 2440 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:26:34.0175 2440 USBSTOR - ok 19:26:34.0222 2440 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 19:26:34.0269 2440 usbuhci - ok 19:26:34.0300 2440 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 19:26:34.0331 2440 vdrvroot - ok 19:26:34.0378 2440 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 19:26:34.0409 2440 vga - ok 19:26:34.0440 2440 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 19:26:34.0471 2440 VgaSave - ok 19:26:34.0518 2440 VGPU - ok 19:26:34.0581 2440 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 19:26:34.0596 2440 vhdmp - ok 19:26:34.0721 2440 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 19:26:34.0737 2440 viaagp - ok 19:26:34.0768 2440 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 19:26:34.0815 2440 ViaC7 - ok 19:26:34.0846 2440 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 19:26:34.0861 2440 viaide - ok 19:26:34.0924 2440 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 19:26:34.0955 2440 vmbus - ok 19:26:35.0002 2440 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 19:26:35.0033 2440 VMBusHID - ok 19:26:35.0064 2440 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 19:26:35.0080 2440 volmgr - ok 19:26:35.0111 2440 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 19:26:35.0142 2440 volmgrx - ok 19:26:35.0205 2440 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 19:26:35.0236 2440 volsnap - ok 19:26:35.0283 2440 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 19:26:35.0298 2440 vsmraid - ok 19:26:35.0329 2440 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 19:26:35.0361 2440 vwifibus - ok 19:26:35.0392 2440 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 19:26:35.0423 2440 WacomPen - ok 19:26:35.0485 2440 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 19:26:35.0532 2440 WANARP - ok 19:26:35.0548 2440 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 19:26:35.0579 2440 Wanarpv6 - ok 19:26:35.0657 2440 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 19:26:35.0688 2440 Wd - ok 19:26:35.0735 2440 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 19:26:35.0766 2440 Wdf01000 - ok 19:26:35.0844 2440 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 19:26:35.0891 2440 WfpLwf - ok 19:26:35.0907 2440 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 19:26:35.0922 2440 WIMMount - ok 19:26:36.0016 2440 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 19:26:36.0047 2440 WmiAcpi - ok 19:26:36.0109 2440 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 19:26:36.0156 2440 ws2ifsl - ok 19:26:36.0234 2440 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 19:26:36.0297 2440 WudfPf - ok 19:26:36.0359 2440 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:26:36.0406 2440 WUDFRd - ok 19:26:36.0468 2440 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 19:26:36.0905 2440 \Device\Harddisk0\DR0 - ok 19:26:36.0921 2440 Boot (0x1200) (94ececeb7416306e4008fbb6bcfda31d) \Device\Harddisk0\DR0\Partition0 19:26:36.0921 2440 \Device\Harddisk0\DR0\Partition0 - ok 19:26:36.0952 2440 Boot (0x1200) (a97b6b34d574a115d613f6a6afd04130) \Device\Harddisk0\DR0\Partition1 19:26:36.0952 2440 \Device\Harddisk0\DR0\Partition1 - ok 19:26:36.0952 2440 ============================================================ 19:26:36.0952 2440 Scan finished 19:26:36.0952 2440 ============================================================ 19:26:36.0983 3864 Detected object count: 0 19:26:36.0983 3864 Actual detected object count: 0 Ist nun alles wieder ok? Danke! |
|
30.10.2011, 19:39
| #19 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook-Virus Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
30.10.2011, 22:29
| #20 |
| | Facebook-Virus Combofix Logfile: Code:
ATTFilter ComboFix 11-10-30.03 - B4rkeeper 30.10.2011 20:20:49.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.2047.1439 [GMT 1:00]
ausgeführt von:: c:\users\B4rkeeper\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files\facemoods.com
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
c:\users\B4rkeeper\AppData\Roaming\inst.exe
c:\users\B4rkeeper\AppData\Roaming\vso_ts_preview.xml
c:\windows\system\BisonCam.dll
c:\windows\WindowsUpdate.log
.
Infizierte Kopie von c:\windows\system32\drivers\ntfs.sys wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-09-28 bis 2011-10-30 ))))))))))))))))))))))))))))))
.
.
2011-10-30 19:32 . 2011-10-30 19:34 -------- d-----w- c:\users\B4rkeeper\AppData\Local\temp
2011-10-30 19:32 . 2011-10-30 19:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 19:15 . 2011-10-30 19:15 -------- dc----w- c:\users\B4rkeeper\AppData\Local\MigWiz
2011-10-28 22:56 . 2011-10-28 22:56 -------- d-----w- C:\_OTL
2011-10-27 17:24 . 2011-10-27 17:24 -------- d-----w- c:\program files\ESET
2011-10-20 16:03 . 2011-10-20 16:03 -------- d-----w- c:\program files\Common Files\Java
2011-10-16 12:27 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-16 12:27 . 2011-10-16 12:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-15 17:47 . 2011-10-28 22:56 -------- d-----w- c:\program files\vShare.tv plugin
2011-10-13 20:32 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-13 20:32 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-13 20:32 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-13 20:32 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 20:32 . 2011-09-06 02:28 2334720 ----a-w- c:\windows\system32\win32k.sys
2011-10-03 09:14 . 2011-10-03 09:14 83456 ----a-w- c:\program files\Mozilla Firefox\plugins\npvsharetvplg.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-03 03:06 . 2010-05-23 08:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-02 09:18 . 2011-05-13 13:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-01 10:17 . 2011-06-19 13:20 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\B4rkeeper\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\B4rkeeper\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\B4rkeeper\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-19 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-19 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-19 81920]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-05-25 159744]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-28 7862816]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"BisonAPP"="c:\windows\BisonCam\BisonAPP.exe" [2007-05-17 49152]
"LXCTCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-11-21 106496]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
"Ocs_SM"="c:\users\B4rkeeper\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2011-08-29 106496]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\B4rkeeper\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
Trusted 2eab
.
[HKLM\~\startupfolder\C:^Users^B4rkeeper^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dradio-RecorderTimer]
2010-11-23 17:26 39936 ----a-w- c:\program files\dradio-Recorder\phonostarTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2006-11-22 08:11 82864 ----a-w- c:\program files\Lexmark 5400 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-11-16 19:37 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 5400 Series Fax Server]
2006-11-22 08:12 304048 ----a-w- c:\program files\Lexmark 5400 Series\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxctmon.exe]
2006-11-22 08:11 291760 ----a-w- c:\program files\Lexmark 5400 Series\lxctmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-04 136176]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-04 136176]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\B4rkeeper\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-08-29 40960]
S2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2009-10-07 185640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-12-04 47360]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\DRIVERS\sis163u.sys [2007-05-07 218624]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\B4rkeeper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\B4rkeeper\AppData\Roaming\Mozilla\Firefox\Profiles\y62ol1ts.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=llya694le36z&ss=1&scc=1<mpl=googlemail&hl=de&from=logout
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-47102691.sys
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2960)
c:\users\B4rkeeper\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\rundll32.exe
c:\windows\system32\lxctcoms.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-10-30 20:40:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-10-30 19:40
.
Vor Suchlauf: 12 Verzeichnis(se), 70.389.796.864 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 70.293.102.592 Bytes frei
.
- - End Of File - - B8D9F0493D7F66BD3E954A850470084A
|
|
30.10.2011, 23:48
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook-Virus Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ --> Facebook-Virus |
|
31.10.2011, 15:00
| #22 |
| | Facebook-Virus Anbei die 3 Logs: GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-10-31 11:31:37
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\00000068 WDC_WD16 rev.04.0
Running: 70x1dpt7.exe; Driver: C:\Users\B4RKEE~1\AppData\Local\Temp\uwlyiuow.sys
---- System - GMER 1.0.15 ----
SSDT 8E708C2E ZwCreateSection
SSDT 8E708C38 ZwRequestWaitReplyPort
SSDT 8E708C33 ZwSetContextThread
SSDT 8E708C3D ZwSetSecurityObject
SSDT 8E708C42 ZwSystemDebugControl
SSDT 8E708BCF ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKey + 13D1 82C83349 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CBCD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82CC3EAC 4 Bytes [2E, 8C, 70, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82CC4208 4 Bytes [38, 8C, 70, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82CC424C 4 Bytes [33, 8C, 70, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82CC42C8 4 Bytes [3D, 8C, 70, 8E]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82CC431C 4 Bytes [42, 8C, 70, 8E]
.text ...
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x9383A380, 0x3559E2, 0xE8000020]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\system32\rundll32.exe[1444] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1444] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1444] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1444] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2320] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2320] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2320] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2320] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74E7FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
---- Threads - GMER 1.0.15 ----
Thread System [4:3248] A7C2BF2E
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\lvvm_RASAPI32@EnableFileTracing 0
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\lvvm_RASAPI32@EnableConsoleTracing 0
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\lvvm_RASAPI32@FileTracingMask -65536
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\lvvm_RASAPI32@ConsoleTracingMask -65536
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\lvvm_RASAPI32@MaxFileSize 1048576
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Events\lvvm_RASAPI32@FileDirectory %windir%\tracing
---- EOF - GMER 1.0.15 ----
OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 Online Solutions. Complex Protection for Information Systems Saved at 11:38:09 on 31.10.2011 OS: Windows 7 Ultimate Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Google Inc. Google Chrome 15.0.874.106 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\system32\drivers\tsusbhub.sys,-1" (tsusbhub) - ? - C:\Windows\System32\drivers\tsusbhub.sys (File not found) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\B4RKEE~1\AppData\Local\Temp\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\Windows\system32\drivers\mbamswissarmy.sys (File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "Synth3dVsc" (Synth3dVsc) - ? - C:\Windows\System32\drivers\synth3dvsc.sys (File not found) "uwlyiuow" (uwlyiuow) - ? - C:\Users\B4RKEE~1\AppData\Local\Temp\uwlyiuow.sys (Hidden registry entry, rootkit activity | File not found) "VGPU" (VGPU) - ? - C:\Windows\System32\drivers\rdvgkmd.sys (File not found) [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - ? - (File not found | COM-object registry key not found) {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - ? - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL (File not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {BD88A479-9623-4897-8546-BC62B9628F44} "SPTHandler" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {F9043C85-F6F2-101A-A3C9-08002B2F49FB} "Microsoft Common Dialog Control, version 5.0 (SP2)" - "Microsoft Corporation" - C:\Windows\system32\comdlg32.OCX / ms-its:C:\Program Files\The Tournament Director 2\TD.lib::/comdlg32.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll "ICQ7.6" - "ICQ, LLC." - C:\Program Files\ICQ7.6\ICQ.exe "PokerStars.net" - "PokerStars" - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." - C:\Users\B4rkeeper\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "BisonAPP" - "Bison Inc." - C:\Windows\BisonCam\BisonAPP.exe "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "Ocs_SM" - "OCS" - C:\Users\B4rkeeper\AppData\Roaming\OCS\SM\SearchAnonymizer.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Fax Lexmark 5400 Series Port" - ? - C:\Windows\system32\lxctpmon.dll "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "SearchAnonymizer" (SearchAnonymizer) - ? - C:\Users\B4rkeeper\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe "TeamViewer 4" (TeamViewer4) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - ? - C:\Tom\DOWNLO~1\IMG056~1.SCR (File not found) ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit Online Solutions :: Index aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-10-31 11:40:23 ----------------------------- 11:40:23.531 OS Version: Windows 6.1.7601 Service Pack 1 11:40:23.531 Number of processors: 2 586 0x6801 11:40:23.531 ComputerName: B4RKEEPER-PC UserName: B4rkeeper 11:40:24.467 Initialize success 11:41:54.922 AVAST engine defs: 11103100 11:42:41.597 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000068 11:42:41.613 Disk 0 Vendor: WDC_WD16 04.0 Size: 152627MB BusType: 6 11:42:43.797 Disk 0 MBR read successfully 11:42:43.812 Disk 0 MBR scan 11:42:43.828 Disk 0 Windows XP default MBR code 11:42:44.233 Disk 0 scanning sectors +312578048 11:42:45.154 Disk 0 scanning C:\Windows\system32\drivers 11:44:05.649 Service scanning 11:44:07.573 Modules scanning 11:47:01.467 Disk 0 trace - called modules: 11:47:01.482 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys VSTCNXT3.SYS 11:47:01.483 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85b65030] 11:47:01.483 3 CLASSPNP.SYS[8925659e] -> nt!IofCallDriver -> [0x84cab378] 11:47:01.485 5 ACPI.sys[88a2d3d4] -> nt!IofCallDriver -> \Device\00000068[0x85586030] 11:47:02.143 AVAST engine scan C:\Windows 11:48:17.396 AVAST engine scan C:\Windows\system32 11:59:54.722 AVAST engine scan C:\Windows\system32\drivers 12:02:31.692 AVAST engine scan C:\Users\B4rkeeper 13:00:51.152 AVAST engine scan C:\ProgramData 13:17:08.414 Scan finished successfully 14:56:47.270 Disk 0 MBR has been saved successfully to "C:\Users\B4rkeeper\Desktop\MBR.dat" 14:56:47.286 The log file has been saved successfully to "C:\Users\B4rkeeper\Desktop\aswMBR.txt" |
|
31.10.2011, 15:34
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook-Virus Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.11.2011, 22:46
| #24 |
| | Facebook-Virus Abschließend nun die 3 Logs: Malwarebytes' Anti-Malware 1.51.2.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 8050 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 01.11.2011 19:44:34 mbam-log-2011-11-01 (19-44-34).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Durchsuchte Objekte: 336246 Laufzeit: 2 Stunde(n), 21 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) SUPERAntiSpyware Scan Log SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! Generated 11/02/2011 at 06:23 PM Application Version : 5.0.1134 Core Rules Database Version : 7885 Trace Rules Database Version: 5697 Scan type : Complete Scan Total Scan Time : 02:22:59 Operating System Information Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 609 Memory threats detected : 0 Registry items scanned : 38264 Registry threats detected : 0 File items scanned : 160652 File threats detected : 535 Adware.Tracking Cookie C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\NDQPI89Q.txt [ /zedo.com ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\LQ1OHJ7P.txt [ /pro-market.net ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\CTI5W8K9.txt [ /adbrite.com ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\GAQSC1GE.txt [ /adserver.adtechus.com ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\8GPG574U.txt [ /ad3.adfarm1.adition.com ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\TG6E2LIQ.txt [ /anrtx.tacoda.net ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\63QUV2DN.txt [ /doubleclick.net ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\RDA0Y0RC.txt [ /adfarm1.adition.com ] C:\Users\B4rkeeper\AppData\Roaming\Microsoft\Windows\Cookies\8OOZF92Y.txt [ /atdmt.com ] C:\USERS\B4RKEEPER\AppData\Roaming\Microsoft\Windows\Cookies\Low\EINN2B1T.txt [ Cookie:b4rkeeper@clickbank.net/ ] C:\USERS\B4RKEEPER\AppData\Roaming\Microsoft\Windows\Cookies\Low\O09NIW1X.txt [ Cookie:b4rkeeper@www.etracker.de/ ] C:\USERS\B4RKEEPER\AppData\Roaming\Microsoft\Windows\Cookies\Low\J0G3NJ2Y.txt [ Cookie:b4rkeeper@adserver.adtechus.com/ ] C:\USERS\B4RKEEPER\AppData\Roaming\Microsoft\Windows\Cookies\Low\R0VC135R.txt [ Cookie:b4rkeeper@ad.yieldmanager.com/ ] C:\USERS\B4RKEEPER\AppData\Roaming\Microsoft\Windows\Cookies\Low\38WBHAEU.txt [ Cookie:b4rkeeper@doubleclick.net/ ] C:\USERS\B4RKEEPER\AppData\Roaming\Microsoft\Windows\Cookies\Low\GHEEFWMI.txt [ Cookie:b4rkeeper@apmebf.com/ ] C:\USERS\B4RKEEPER\Cookies\NDQPI89Q.txt [ Cookie:b4rkeeper@zedo.com/ ] C:\USERS\B4RKEEPER\Cookies\LQ1OHJ7P.txt [ Cookie:b4rkeeper@pro-market.net/ ] C:\USERS\B4RKEEPER\Cookies\CTI5W8K9.txt [ Cookie:b4rkeeper@adbrite.com/ ] C:\USERS\B4RKEEPER\Cookies\GAQSC1GE.txt [ Cookie:b4rkeeper@adserver.adtechus.com/ ] C:\USERS\B4RKEEPER\Cookies\TG6E2LIQ.txt [ Cookie:b4rkeeper@anrtx.tacoda.net/ ] C:\USERS\B4RKEEPER\Cookies\63QUV2DN.txt [ Cookie:b4rkeeper@doubleclick.net/ ] C:\USERS\B4RKEEPER\Cookies\RDA0Y0RC.txt [ Cookie:b4rkeeper@adfarm1.adition.com/ ] C:\USERS\B4RKEEPER\Cookies\8OOZF92Y.txt [ Cookie:b4rkeeper@atdmt.com/ ] .cunttt.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .cunttt.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .cunttt.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .im.banner.t-online.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .olympiaverlag.122.2o7.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xiti.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .specificclick.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] CPCADV [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .cpcadnet.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.effiliation.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ADTECH Ad Server Solutions for Publishers, Ad Networks, Agencies and Advertisers - [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .traffichaus.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ero-advertising.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.ventivmedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads2.zeusclicks.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornologo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornologo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornologo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] FPCTraffic - turning traffic into cash [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] FPCTraffic - turning traffic into cash [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] free porn - king of pornography at Pornologo [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] delivery.trafficbroker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .trafficholder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.sitestat.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.sitestat.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] filter.plusfind.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] edates.traffective-tracking.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] edates.traffective-tracking.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] edates.traffective-tracking.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] edates.traffective-tracking.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yadro.ru [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.oasis.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.oasis.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .clickbank.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .clickbank.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Google [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertise.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .vodafonegroup.122.2o7.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver.sevenload.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.adnet.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.adxvalue.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.adxvalue.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.adxvalue.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.adxvalue.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.ilivid.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adxpose.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .myroitracking.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .clicksor.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .clicksor.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .clicksor.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .rambler.ru [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .aim4media.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] fr.sitestat.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] fr.sitestat.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pro-market.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .porntube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .porntube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .porntube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .porntube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .porntube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .porntube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Free Porn Movies | PornTube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] FPCTraffic - turning traffic into cash [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoadler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoadler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] FPCTraffic - turning traffic into cash [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .trafficholder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] go.trafficshop.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] go.trafficshop.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .de.partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yieldmanager.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .realmedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] network.realmedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] 1.sharkadnetwork.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] 1.sharkadnetwork.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .trafficmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .trafficmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .trafficmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver2.clipkit.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .girlsteachsex.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .toplist.eu [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Hard Sex Tube - for every fan of hot porn videos and free porn [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] dev.hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Hard Sex Tube - for every fan of hot porn videos and free porn [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Hard Sex Tube - for every fan of hot porn videos and free porn [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver.hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hardsextube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .traffictrack.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .traffictrack.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tto2.traffictrack.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .deutschepostag.112.2o7.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] logging.ourstats.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] UseNeXT | In vollem DSL-Speed aus dem Usenet downloaden! [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.adnet.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.adxvalue.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.adnet.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] trekmedia.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.zanox.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .aim4media.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] count.asnetworks.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .markussexblog.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .markussexblog.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .rambler.ru [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .2o7.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.sitestat.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .im.banner.t-online.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .im.banner.t-online.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adviva.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mmotraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mmotraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.gameforge.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.quartermedia.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] newsclick.de - Braunschweiger Zeitung, Salzgitter-Zeitung, Wolfsburger Nachrichten, Peiner Nachrichten, Gifhorner Rundschau [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .newsclick.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .newsclick.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .newsclick.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xm.xtendmedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www9.addfreestats.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Comunio Statistiken [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver2.exgfnetwork.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.effiliation.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.effiliation.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.effiliation.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.effiliation.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.effiliation.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adx.chip.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.mindshare.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adx.chip.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] rts.pgmediaserve.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] rts.pgmediaserve.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] rts.pgmediaserve.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .de.partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .de.partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .de.partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .de.partypoker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .exoclick.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] FPCTraffic - turning traffic into cash [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Porno tube - Adult Streaming Sex Tube Videos at PornoXO - page 1 [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Porno tube - Adult Streaming Sex Tube Videos at PornoXO - page 1 [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .alphaporno.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornoxo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .toplist.cz [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adxpansion.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.dyntracker.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .comstats.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .comstats.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .comstats.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .fastclick.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] Modelabel Shopsuche Labelverzeichnis und Shopverzeichnis - TheLabelFinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] TLDAdserv.com - Ihr Partner für seriöse Auszahlungen [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ww251.smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .webmasterplan.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tribalfusion.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .statcounter.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .questionmarket.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.zanox-affiliate.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .weborama.fr [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .weborama.fr [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xing.solution.weborama.fr [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.crakmedia.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zanox-affiliate.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.zanox.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .unitymedia.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .unitymedia.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad4.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zanox.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .traffictrack.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hightraffic.hugoboss.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hightraffic.hugoboss.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hightraffic.hugoboss.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .exoclick.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] testtaketraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] testtaketraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] testtaketraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] testtaketraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] testtaketraffic.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .js.pixelrevenue.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .bs.serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad2.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.youtube.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.betradar.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.betradar.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.betradar.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad3.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] imagesrv.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BECUN2NC ] secure-uk.imrworldwide.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BECUN2NC ] Alpha Porno - Free XXX porn TUBE MOVIES. Free Sex Video [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BECUN2NC ] filter.plusfind.net [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .xiti.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad1.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] www9.addfreestats.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adserver.adtechus.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .rambler.ru [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .yadro.ru [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] banners.victor.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .apmebf.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] banners.victor.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .banners.victor.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .content.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] track.adform.net [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .olympiaverlag.122.2o7.net [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ww251.smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad4.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .trafficmp.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .mmotraffic.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .mmotraffic.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zanox-affiliate.de [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .azjmp.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .trafficmp.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .trafficmp.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .tribalfusion.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] track.adform.net [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] tracking.gameforge.de [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .rambler.ru [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad3.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] ad2.adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .exoclick.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\B4RKEEPER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y62OL1TS.DEFAULT\COOKIES.SQLITE ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[1].TXT [ /BIZZCLICK ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CLICKSOR[2].TXT [ /CLICKSOR ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.CPCADNET[2].TXT [ /WWW.CPCADNET ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@WWW.CPCADNET[1].TXT [ /WWW.CPCADNET ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BANNER.POKER770[2].TXT [ /BANNER.POKER770 ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MYROITRACKING[1].TXT [ /MYROITRACKING ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[1].TXT [ /DOUBLECLICK ] C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ] C:\Tom\Setup\Everest Pokernet.exe a variant of Win32/Casino application C:\Tom\Setup\registrybooster.exe Win32/RegistryBooster application C:\Tom\Setup\SoftonicDownloader_fuer_oben-up-meet-dug-screensaver.exe a variant of Win32/SoftonicDownloader.A application C:\Tom\Setup\uusee_2008.exe probably a variant of Win32/Agent.HKUJHEL trojan C:\Tom\Setup\icq_7.0_build_1211_banner_remover\ICQ 7.0 Build #1211 Banner Remover 1.0 Setup.exe Win32/Adware.ADON application C:\Tom\Setup\icq_lite_7.0_build_1509_banner_remover\ICQ Lite 7.0 Build #1509 Banner Remover 1.0 Setup.exe Win32/Adware.ADON application |
|
02.11.2011, 22:58
| #25 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook-VirusZitat:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich. Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr booted.
Ein sogenanntes False Positive von einem Cleaner kann auch dein System unbootbar machen. Zerstörst Du die Registry, zerstörst Du Windows. Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.11.2011, 12:18
| #26 |
| | Facebook-Virus Hallo, danke erstmal für die nützlichen Tipps! Ich habe die beiden angesprochenen exe-Dateien jetzt mal gelöscht. Normalerweise besorge ich mir sämtliche Freeware über chip.de, jedoch kann es in der Vergangenheit durchaus passiert sein, dass ich auf anderen Plattformen aktiv war. Noch 2 Fragen zum Schluss vielleicht: In letzter Zeit erscheint bei mir öfters beim Surfen der blaue Bildschirm (Crash Dump). Da es gestern zuletzt passierte, hat es wohl nichts mit den bekannten Schädlingen zu tun!? Und um nochmal auf das Windows-Sicherheitscenter (die weiße Flagge in der Leiste) zurückzukommen: Diese existiert bei mir nicht mehr! Brauche ich das überhaupt zwingend? Und wenn ja: Wie kann ich es wieder aktivieren? Vielen Dank schonmal! Gruß Tom |
|
03.11.2011, 13:11
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook-Virus Abgesehen von den zwei weiteren Fragen: Rechner erstmal wieder im Lot? Wenn ja, würde ich erstmal ein Update empfehlen, dann erübrigen sich diese vllt. Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt. Malwarebytes zu behalten ist kein Fehler. Kannst ja 1x im Monat damit scannen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink: Mozilla und andere Browser => http://filepony.de/?q=Flash+Player Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Facebook-Virus |
| antivir, autorun, avg, avira, backdoor.cycbot, bho, browser, conduit, continue, converter, desktop, error, excel, excel.exe, flash player, format, host.exe, install.exe, jdownloader, langs, logfile, lvvm.exe, mbamservice.exe, microsoft office word, mozilla, mp3, nvlddmkm.sys, object, plug-in, realtek, registry, revo uninstaller, rundll, scan, sched.exe, security, senden, shell32.dll, software, studio, taskhost.exe, usb 2.0, video converter, webcheck, wlan |
Linear-Darstellung
