| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Avast blockiert URL bei Google ChromeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.09.2012, 14:04
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Avast blockiert URL bei Google Chrome Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.09.2012, 15:33
| #17 |
 | Avast blockiert URL bei Google Chrome Der Beitrag würde gute 3000 Zeichen zu lang sein und somit die maximale Länge übersteigen.
__________________Wie soll ich dir also den Report posten? |
|
24.09.2012, 19:44
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast blockiert URL bei Google Chrome Wenn es nur ein Zehntel davon wäre, hättest du es in zwei oder drei Beiträge verteilt posten können aber so
__________________ Bitte das Log zippen und hier anhängen. Wenn's zu groß ist muss es so sein
__________________ |
|
24.09.2012, 21:05
| #19 |
| | Avast blockiert URL bei Google Chrome Ich teile es nun doch. Natürlich die beste Idee... Unfassbar wie dumm ich mir vorkomme [code] Code:
ATTFilter 16:21:29.0029 1180 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
16:21:29.0387 1180 ============================================================
16:21:29.0387 1180 Current date / time: 2012/09/24 16:21:29.0387
16:21:29.0387 1180 SystemInfo:
16:21:29.0387 1180
16:21:29.0388 1180 OS Version: 6.0.6000 ServicePack: 0.0
16:21:29.0388 1180 Product type: Workstation
16:21:29.0388 1180 ComputerName: POSSEHL-PC
16:21:29.0388 1180 UserName: Possehl
16:21:29.0388 1180 Windows directory: C:\Windows
16:21:29.0388 1180 System windows directory: C:\Windows
16:21:29.0389 1180 Processor architecture: Intel x86
16:21:29.0389 1180 Number of processors: 2
16:21:29.0389 1180 Page size: 0x1000
16:21:29.0389 1180 Boot type: Normal boot
16:21:29.0389 1180 ============================================================
16:21:30.0172 1180 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:21:30.0174 1180 ============================================================
16:21:30.0174 1180 \Device\Harddisk0\DR0:
16:21:30.0175 1180 MBR partitions:
16:21:30.0175 1180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x12831000
16:21:30.0175 1180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13FA1800, BlocksNum 0x9223800
16:21:30.0175 1180 ============================================================
16:21:30.0210 1180 C: <-> \Device\Harddisk0\DR0\Partition1
16:21:30.0254 1180 D: <-> \Device\Harddisk0\DR0\Partition2
16:21:30.0254 1180 ============================================================
16:21:30.0255 1180 Initialize success
16:21:30.0255 1180 ============================================================
16:21:33.0594 5068 ============================================================
16:21:33.0594 5068 Scan started
16:21:33.0594 5068 Mode: Manual;
16:21:33.0594 5068 ============================================================
16:21:33.0915 5068 ================ Scan system memory ========================
16:21:33.0915 5068 System memory - ok
16:21:33.0916 5068 ================ Scan services =============================
16:21:34.0157 5068 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
16:21:34.0161 5068 ACPI - ok
16:21:34.0280 5068 [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
16:21:34.0286 5068 AdobeActiveFileMonitor7.0 - ok
16:21:34.0436 5068 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:21:34.0441 5068 AdobeFlashPlayerUpdateSvc - ok
16:21:34.0503 5068 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:21:34.0513 5068 adp94xx - ok
16:21:34.0570 5068 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:21:34.0577 5068 adpahci - ok
16:21:34.0599 5068 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:21:34.0602 5068 adpu160m - ok
16:21:34.0619 5068 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:21:34.0623 5068 adpu320 - ok
16:21:34.0663 5068 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:21:34.0664 5068 AeLookupSvc - ok
16:21:34.0685 5068 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
16:21:34.0691 5068 AFD - ok
16:21:34.0719 5068 [ 198636E76971EBC96404547EC0FD5E75 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:21:34.0721 5068 agp440 - ok
16:21:34.0748 5068 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:21:34.0750 5068 aic78xx - ok
16:21:34.0764 5068 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
16:21:34.0766 5068 ALG - ok
16:21:34.0803 5068 [ 0B3B337A68D9A75CC8D787DC98B53D79 ] aliide C:\Windows\system32\drivers\aliide.sys
16:21:34.0805 5068 aliide - ok
16:21:34.0834 5068 [ 2363ABC8989A14FD7247CA6F4E89D397 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:21:34.0836 5068 amdagp - ok
16:21:34.0858 5068 [ 468A204966D09F327A662C35F4B15DD3 ] amdide C:\Windows\system32\drivers\amdide.sys
16:21:34.0860 5068 amdide - ok
16:21:34.0897 5068 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
16:21:34.0899 5068 AmdK7 - ok
16:21:34.0946 5068 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:21:34.0947 5068 AmdK8 - ok
16:21:34.0997 5068 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
16:21:34.0998 5068 Appinfo - ok
16:21:35.0112 5068 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:35.0115 5068 Apple Mobile Device - ok
16:21:35.0154 5068 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
16:21:35.0156 5068 arc - ok
16:21:35.0178 5068 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:21:35.0181 5068 arcsas - ok
16:21:35.0217 5068 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:21:35.0219 5068 aswFsBlk - ok
16:21:35.0228 5068 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:21:35.0230 5068 aswMonFlt - ok
16:21:35.0248 5068 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
16:21:35.0249 5068 aswRdr - ok
16:21:35.0311 5068 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:21:35.0354 5068 aswSnx - ok
16:21:35.0389 5068 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:21:35.0398 5068 aswSP - ok
16:21:35.0422 5068 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:21:35.0425 5068 aswTdi - ok
16:21:35.0468 5068 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:21:35.0469 5068 AsyncMac - ok
16:21:35.0494 5068 [ 0B77F93AB73798F97E8E0A0AA4CCBEEF ] atapi C:\Windows\system32\drivers\atapi.sys
16:21:35.0496 5068 atapi - ok
16:21:35.0566 5068 [ ADFD93663D3BAE4FADC19AD1AE519EE4 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
16:21:35.0587 5068 Ati External Event Utility - ok
16:21:35.0718 5068 [ 389A2668E0C0C6698A6B565632C7F43A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:21:35.0807 5068 atikmdag - ok
16:21:35.0865 5068 [ 0B5302314A77100A930249F0BE9AB2D2 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:21:35.0868 5068 AudioEndpointBuilder - ok
16:21:35.0898 5068 [ 0B5302314A77100A930249F0BE9AB2D2 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:21:35.0901 5068 Audiosrv - ok
16:21:35.0964 5068 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:21:35.0966 5068 avast! Antivirus - ok
16:21:36.0010 5068 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
16:21:36.0011 5068 Beep - ok
16:21:36.0073 5068 [ 96B73CC64BD905EA6CC4E44384ABD8C9 ] BFE C:\Windows\System32\bfe.dll
16:21:36.0076 5068 BFE - ok
16:21:36.0152 5068 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
16:21:36.0162 5068 BITS - ok
16:21:36.0168 5068 blbdrive - ok
16:21:36.0245 5068 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:36.0252 5068 Bonjour Service - ok
16:21:36.0278 5068 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:21:36.0281 5068 bowser - ok
16:21:36.0325 5068 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:21:36.0327 5068 BrFiltLo - ok
16:21:36.0357 5068 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:21:36.0358 5068 BrFiltUp - ok
16:21:36.0412 5068 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
16:21:36.0415 5068 Browser - ok
16:21:36.0439 5068 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
16:21:36.0442 5068 Brserid - ok
16:21:36.0474 5068 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:21:36.0476 5068 BrSerWdm - ok
16:21:36.0505 5068 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:21:36.0506 5068 BrUsbMdm - ok
16:21:36.0533 5068 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:21:36.0534 5068 BrUsbSer - ok
16:21:36.0557 5068 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:21:36.0559 5068 BTHMODEM - ok
16:21:36.0625 5068 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:21:36.0626 5068 cdfs - ok
16:21:36.0641 5068 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:21:36.0644 5068 cdrom - ok
16:21:36.0681 5068 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
16:21:36.0683 5068 CertPropSvc - ok
16:21:36.0691 5068 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:21:36.0693 5068 circlass - ok
16:21:36.0735 5068 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
16:21:36.0741 5068 CLFS - ok
16:21:36.0808 5068 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:36.0811 5068 clr_optimization_v2.0.50727_32 - ok
16:21:36.0864 5068 CLTNetCnService - ok
16:21:36.0891 5068 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:21:36.0892 5068 CmBatt - ok
16:21:36.0915 5068 [ 2AC0C92B29EC21838F4CB46ADB26BCC0 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:21:36.0917 5068 cmdide - ok
16:21:36.0986 5068 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:21:36.0987 5068 Compbatt - ok
16:21:36.0997 5068 COMSysApp - ok
16:21:37.0008 5068 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:21:37.0009 5068 crcdisk - ok
16:21:37.0027 5068 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
16:21:37.0029 5068 Crusoe - ok
16:21:37.0081 5068 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:21:37.0084 5068 CryptSvc - ok
16:21:37.0137 5068 [ B1BB45E24717A7F790B4411C4446EF5E ] DcomLaunch C:\Windows\system32\rpcss.dll
16:21:37.0161 5068 DcomLaunch - ok
16:21:37.0196 5068 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:21:37.0200 5068 DfsC - ok
16:21:37.0293 5068 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
16:21:37.0360 5068 DFSR - ok
16:21:37.0410 5068 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:21:37.0415 5068 Dhcp - ok
16:21:37.0429 5068 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
16:21:37.0431 5068 disk - ok
16:21:37.0466 5068 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:21:37.0468 5068 Dnscache - ok
16:21:37.0487 5068 [ 32A15AF277E287E5A3AAEC67EDDB258C ] dot3svc C:\Windows\System32\dot3svc.dll
16:21:37.0492 5068 dot3svc - ok
16:21:37.0548 5068 [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:21:37.0552 5068 Dot4 - ok
16:21:37.0573 5068 [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:21:37.0575 5068 Dot4Print - ok
16:21:37.0593 5068 [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:21:37.0595 5068 dot4usb - ok
16:21:37.0635 5068 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
16:21:37.0638 5068 DPS - ok
16:21:37.0670 5068 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:21:37.0671 5068 drmkaud - ok
16:21:37.0704 5068 [ 2D13D9E98CAF6321F219B28921AF214C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:21:37.0715 5068 DXGKrnl - ok
16:21:37.0762 5068 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
16:21:37.0766 5068 E1G60 - ok
16:21:37.0796 5068 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
16:21:37.0798 5068 EapHost - ok
16:21:37.0838 5068 [ 38573398F734B71B06CD2411494F234A ] Ecache C:\Windows\system32\drivers\ecache.sys
16:21:37.0842 5068 Ecache - ok
16:21:37.0896 5068 [ 8EA277BDA2730C9B34ADD67CDD593D64 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:21:37.0902 5068 ehRecvr - ok
16:21:37.0926 5068 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
16:21:37.0929 5068 ehSched - ok
16:21:37.0936 5068 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
16:21:37.0937 5068 ehstart - ok
16:21:37.0982 5068 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:21:37.0989 5068 elxstor - ok
16:21:38.0057 5068 [ 902CDDD9CD94AD1B4688D96FF8F2EDB8 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:21:38.0063 5068 EMDMgmt - ok
16:21:38.0120 5068 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
16:21:38.0124 5068 EventSystem - ok
16:21:38.0130 5068 ewusbnet - ok
16:21:38.0179 5068 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:21:38.0183 5068 fastfat - ok
16:21:38.0206 5068 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:21:38.0207 5068 fdc - ok
16:21:38.0212 5068 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
16:21:38.0215 5068 fdPHost - ok
16:21:38.0241 5068 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
16:21:38.0244 5068 FDResPub - ok
16:21:38.0273 5068 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:21:38.0275 5068 FileInfo - ok
16:21:38.0289 5068 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:21:38.0291 5068 Filetrace - ok
16:21:38.0390 5068 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:21:38.0434 5068 FLEXnet Licensing Service - ok
16:21:38.0531 5068 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:21:38.0534 5068 flpydisk - ok
16:21:38.0567 5068 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:21:38.0573 5068 FltMgr - ok
16:21:38.0680 5068 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:21:38.0685 5068 FontCache3.0.0.0 - ok
16:21:38.0744 5068 [ 6A4125EDBE6D5907D4B1E4514F1F5675 ] FSCLBaseUpdaterService C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
16:21:38.0747 5068 FSCLBaseUpdaterService - ok
16:21:38.0829 5068 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:21:38.0831 5068 Fs_Rec - ok
16:21:38.0891 5068 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:21:38.0895 5068 gagp30kx - ok
16:21:38.0941 5068 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:21:38.0943 5068 GEARAspiWDM - ok
16:21:39.0041 5068 [ AD0C777CD05A4CA30100000AB9B3E30B ] gpsvc C:\Windows\System32\gpsvc.dll
16:21:39.0065 5068 gpsvc - ok
16:21:39.0144 5068 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:21:39.0147 5068 gupdate - ok
16:21:39.0166 5068 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:21:39.0169 5068 gupdatem - ok
16:21:39.0238 5068 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:21:39.0245 5068 gusvc - ok
16:21:39.0288 5068 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:21:39.0295 5068 HdAudAddService - ok
16:21:39.0324 5068 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:21:39.0326 5068 HDAudBus - ok
16:21:39.0344 5068 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:21:39.0347 5068 HidBth - ok
16:21:39.0371 5068 [ F24393C44FDFE2E5E9F416FD3BDF98E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:21:39.0374 5068 HidIr - ok
16:21:39.0417 5068 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
16:21:39.0423 5068 hidserv - ok
16:21:39.0456 5068 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:21:39.0459 5068 HidUsb - ok
16:21:39.0519 5068 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
16:21:39.0526 5068 hkmsvc - ok
16:21:39.0561 5068 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:21:39.0564 5068 HpCISSs - ok
16:21:39.0691 5068 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:21:39.0695 5068 hpqcxs08 - ok
16:21:39.0727 5068 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:21:39.0730 5068 hpqddsvc - ok
16:21:39.0840 5068 [ 6F9CB6539A1B2508BD1C53D29334431A ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:21:39.0850 5068 HPSLPSVC - ok
16:21:39.0921 5068 [ 481B86E8939289F77FBCEA1B24CEC687 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:21:39.0933 5068 HTTP - ok
16:21:39.0975 5068 hwdatacard - ok
16:21:39.0992 5068 hwusbdev - ok
16:21:40.0063 5068 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:21:40.0066 5068 i2omp - ok
16:21:40.0112 5068 [ BEA9838CD25D36BEBA3F94386A761D60 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:21:40.0116 5068 i8042prt - ok
16:21:40.0185 5068 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:21:40.0189 5068 iaStor - ok
16:21:40.0223 5068 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:21:40.0230 5068 iaStorV - ok
16:21:40.0350 5068 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:21:40.0383 5068 idsvc - ok
16:21:40.0416 5068 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:21:40.0419 5068 iirsp - ok
16:21:40.0468 5068 [ 4456E314E60177B03E5CBE64CD6A337E ] IKEEXT C:\Windows\System32\ikeext.dll
16:21:40.0478 5068 IKEEXT - ok
16:21:40.0646 5068 [ 4FA59A84069D9D0991BAE34CC4AFF99C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:21:40.0735 5068 IntcAzAudAddService - ok
16:21:40.0779 5068 [ 4A6B4C4FAB7716C869FA9D19AC8CA5A5 ] intelide C:\Windows\system32\drivers\intelide.sys
16:21:40.0782 5068 intelide - ok
16:21:40.0813 5068 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:21:40.0815 5068 intelppm - ok
16:21:40.0873 5068 [ A6D67306A3E9E526A8AEFEB9680A90EA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:21:40.0879 5068 IPBusEnum - ok
16:21:40.0939 5068 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:21:40.0942 5068 IpFilterDriver - ok
16:21:41.0026 5068 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:21:41.0035 5068 iphlpsvc - ok
16:21:41.0045 5068 IpInIp - ok
16:21:41.0081 5068 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:21:41.0084 5068 IPMIDRV - ok
16:21:41.0107 5068 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:21:41.0112 5068 IPNAT - ok
16:21:41.0242 5068 [ 49918803B661367023BF325CF602AFDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:21:41.0276 5068 iPod Service - ok
16:21:41.0323 5068 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:21:41.0326 5068 IRENUM - ok
16:21:41.0349 5068 [ CE2997A0C3B0049A3188C4F0C7A04BC9 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:21:41.0352 5068 isapnp - ok
16:21:41.0404 5068 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:21:41.0410 5068 iScsiPrt - ok
16:21:41.0430 5068 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:21:41.0434 5068 iteatapi - ok
16:21:41.0472 5068 [ E4B04A0D8B237ECF026D849439F1BCCE ] itecir C:\Windows\system32\DRIVERS\itecir.sys
16:21:41.0475 5068 itecir - ok
16:21:41.0500 5068 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:21:41.0502 5068 iteraid - ok
16:21:41.0521 5068 [ C1632FE31D1824A43DEA29725312E3FA ] JRAID C:\Windows\system32\drivers\jraid.sys
16:21:41.0524 5068 JRAID - ok
16:21:41.0547 5068 [ C9B0CF786D5F151A43C7BE8E243F2819 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:21:41.0550 5068 kbdclass - ok
16:21:41.0585 5068 [ 97AB2FB84E8E77D93CEE85550F4CF7F9 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:21:41.0588 5068 kbdhid - ok
16:21:41.0626 5068 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] KeyIso C:\Windows\system32\lsass.exe
16:21:41.0633 5068 KeyIso - ok
16:21:41.0703 5068 [ B6FAC1FF7D4A05C06DA9E53DBF5E9E7A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:21:41.0737 5068 KSecDD - ok
16:21:41.0810 5068 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
16:21:41.0816 5068 KtmRm - ok
16:21:41.0837 5068 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
16:21:41.0843 5068 LanmanServer - ok
16:21:41.0883 5068 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:21:41.0890 5068 LanmanWorkstation - ok
16:21:41.0947 5068 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:21:41.0950 5068 lltdio - ok
16:21:41.0990 5068 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:21:41.0996 5068 lltdsvc - ok
16:21:42.0018 5068 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:21:42.0022 5068 lmhosts - ok
16:21:42.0043 5068 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:21:42.0046 5068 LSI_FC - ok
16:21:42.0066 5068 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:21:42.0069 5068 LSI_SAS - ok
16:21:42.0087 5068 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:21:42.0090 5068 LSI_SCSI - ok
16:21:42.0110 5068 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
16:21:42.0114 5068 luafv - ok
16:21:42.0172 5068 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:21:42.0175 5068 MBAMProtector - ok
16:21:42.0223 5068 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:21:42.0230 5068 MBAMScheduler - ok
16:21:42.0269 5068 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:21:42.0289 5068 MBAMService - ok
16:21:42.0396 5068 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
16:21:42.0403 5068 McComponentHostService - ok
16:21:42.0478 5068 [ BF8426A8E3F3856389E26E94A8F1B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:21:42.0485 5068 Mcx2Svc - ok
16:21:42.0551 5068 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
16:21:42.0553 5068 megasas - ok
16:21:42.0583 5068 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
16:21:42.0590 5068 MMCSS - ok
16:21:42.0646 5068 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
16:21:42.0648 5068 Modem - ok
16:21:42.0702 5068 [ EE05F7A5E2CEFB275B08F3E3FCC2A8EB ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:21:42.0703 5068 monitor - ok
16:21:42.0709 5068 [ 4A00B3CF90AD075193CA5AEECE71154C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:21:42.0711 5068 mouclass - ok
16:21:42.0765 5068 [ 8D9B701D716843C39E93B3432CB721FC ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:21:42.0766 5068 mouhid - ok
16:21:42.0779 5068 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:21:42.0781 5068 MountMgr - ok
16:21:42.0831 5068 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:21:42.0834 5068 MozillaMaintenance - ok
16:21:42.0853 5068 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
16:21:42.0856 5068 mpio - ok
16:21:42.0881 5068 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:21:42.0883 5068 mpsdrv - ok
16:21:42.0917 5068 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
16:21:42.0923 5068 MpsSvc - ok
16:21:42.0951 5068 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:21:42.0953 5068 Mraid35x - ok
16:21:42.0972 5068 [ 08F0C494A69CF3106EE7FFC48D8E5AC7 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:21:42.0975 5068 MRxDAV - ok
16:21:43.0014 5068 [ BBB0D31B477CFF3B4F737ED0367F635F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:21:43.0017 5068 mrxsmb - ok
16:21:43.0085 5068 [ A6130566AC4178473B5DAC8F8F74407D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:21:43.0091 5068 mrxsmb10 - ok
16:21:43.0109 5068 [ 3D475E770D3AB2D0C5E3E1386871F9DA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:21:43.0112 5068 mrxsmb20 - ok
16:21:43.0143 5068 [ 13FA01D10C95762E3E191BB023DFA8CC ] msahci C:\Windows\system32\drivers\msahci.sys
16:21:43.0145 5068 msahci - ok
16:21:43.0169 5068 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:21:43.0172 5068 msdsm - ok
16:21:43.0190 5068 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
16:21:43.0195 5068 MSDTC - ok
16:21:43.0225 5068 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:21:43.0227 5068 Msfs - ok
16:21:43.0294 5068 [ 0A64168B63535520ADFD6B959695404A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:21:43.0296 5068 msisadrv - ok
16:21:43.0338 5068 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:21:43.0343 5068 MSiSCSI - ok
16:21:43.0348 5068 msiserver - ok
16:21:43.0376 5068 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:21:43.0378 5068 MSKSSRV - ok
16:21:43.0391 5068 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:21:43.0393 5068 MSPCLOCK - ok
16:21:43.0410 5068 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:21:43.0412 5068 MSPQM - ok
16:21:43.0437 5068 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:21:43.0442 5068 MsRPC - ok
16:21:43.0498 5068 [ E09CEDB1BCA303B7F6AE22F512E56969 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:21:43.0499 5068 mssmbios - ok
16:21:43.0514 5068 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:21:43.0515 5068 MSTEE - ok
16:21:43.0540 5068 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
16:21:43.0542 5068 Mup - ok
16:21:43.0571 5068 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
16:21:43.0580 5068 napagent - ok
16:21:43.0620 5068 [ BE8C26E61BE5C5A49A6BABD17AEED1B7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:21:43.0625 5068 NativeWifiP - ok
16:21:43.0659 5068 [ 6E8DFFACE597629CEF5DF7D69217628F ] NDIS C:\Windows\system32\drivers\ndis.sys
16:21:43.0668 5068 NDIS - ok
16:21:43.0694 5068 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:21:43.0696 5068 NdisTapi - ok
16:21:43.0707 5068 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:21:43.0709 5068 Ndisuio - ok
16:21:43.0721 5068 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:21:43.0725 5068 NdisWan - ok
16:21:43.0735 5068 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:21:43.0737 5068 NDProxy - ok
16:21:43.0771 5068 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:21:43.0774 5068 Net Driver HPZ12 - ok
16:21:43.0790 5068 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:21:43.0791 5068 NetBIOS - ok
16:21:43.0805 5068 [ 231F6CCFDB7A604221F18FB0852C8560 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:21:43.0810 5068 netbt - ok
16:21:43.0818 5068 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] Netlogon C:\Windows\system32\lsass.exe
16:21:43.0821 5068 Netlogon - ok
16:21:43.0853 5068 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
16:21:43.0859 5068 Netman - ok
16:21:43.0874 5068 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
16:21:43.0884 5068 netprofm - ok
16:21:43.0935 5068 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:21:43.0940 5068 NetTcpPortSharing - ok
16:21:44.0015 5068 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
16:21:44.0125 5068 NETw3v32 - ok
16:21:44.0238 5068 [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
16:21:44.0336 5068 NETw4v32 - ok
16:21:44.0365 5068 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:21:44.0369 5068 nfrd960 - ok
16:21:44.0425 5068 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
16:21:44.0437 5068 NlaSvc - ok
16:21:44.0546 5068 [ 7B273501C59D52978B761F82BEBADB06 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
16:21:44.0556 5068 NMIndexingService - ok
16:21:44.0581 5068 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:21:44.0584 5068 Npfs - ok
16:21:44.0596 5068 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
16:21:44.0605 5068 nsi - ok
16:21:44.0647 5068 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:21:44.0650 5068 nsiproxy - ok
16:21:44.0720 5068 [ F08824715CA6076F5E73E005AB83B9C8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:21:44.0766 5068 Ntfs - ok
16:21:44.0795 5068 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
16:21:44.0798 5068 ntrigdigi - ok
16:21:44.0821 5068 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
16:21:44.0824 5068 Null - ok
16:21:44.0838 5068 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:21:44.0842 5068 nvraid - ok
16:21:44.0878 5068 [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32 C:\Windows\system32\drivers\nvrd32.sys
16:21:44.0883 5068 nvrd32 - ok
16:21:44.0912 5068 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:21:44.0916 5068 nvstor - ok
16:21:44.0938 5068 [ 703E3A7093B0FAC0EEBADBB8E931ECAF ] nvstor32 C:\Windows\system32\drivers\nvstor32.sys
16:21:44.0943 5068 nvstor32 - ok
16:21:44.0977 5068 [ 925EB9E53ECA4473A2D156A02B7418E3 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:21:44.0981 5068 nv_agp - ok
16:21:44.0990 5068 NwlnkFlt - ok
16:21:45.0003 5068 NwlnkFwd - ok
16:21:45.0111 5068 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:21:45.0133 5068 odserv - ok
16:21:45.0183 5068 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:21:45.0187 5068 ohci1394 - ok
16:21:45.0245 5068 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:45.0250 5068 ose - ok
16:21:45.0307 5068 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:21:45.0316 5068 p2pimsvc - ok
16:21:45.0352 5068 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
16:21:45.0360 5068 p2psvc - ok
16:21:45.0374 5068 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
16:21:45.0377 5068 Parport - ok
16:21:45.0394 5068 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:21:45.0398 5068 partmgr - ok
16:21:45.0426 5068 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:21:45.0427 5068 Parvdm - ok
16:21:45.0458 5068 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:21:45.0462 5068 PcaSvc - ok
16:21:45.0516 5068 [ A48C4D0ACC933F7A37E52AB0761811AD ] pci C:\Windows\system32\drivers\pci.sys
16:21:45.0519 5068 pci - ok
16:21:45.0541 5068 [ 353968946BCB766F6C5C01717686B382 ] pciide C:\Windows\system32\drivers\pciide.sys
16:21:45.0542 5068 pciide - ok
16:21:45.0572 5068 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:21:45.0577 5068 pcmcia - ok
16:21:45.0621 5068 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:21:45.0655 5068 PEAUTH - ok
16:21:45.0716 5068 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
16:21:45.0731 5068 pla - ok
16:21:45.0839 5068 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:21:45.0846 5068 PlugPlay - ok
16:21:45.0887 5068 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:21:45.0891 5068 Pml Driver HPZ12 - ok
16:21:45.0965 5068 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:21:45.0976 5068 PNRPAutoReg - ok
16:21:46.0026 5068 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:21:46.0037 5068 PNRPsvc - ok
16:21:46.0095 5068 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:21:46.0119 5068 PolicyAgent - ok
16:21:46.0171 5068 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:21:46.0174 5068 PptpMiniport - ok
16:21:46.0209 5068 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
16:21:46.0213 5068 Processor - ok
16:21:46.0257 5068 [ 8B8E8F4734C5C576E3B910DB73756CF1 ] ProfSvc C:\Windows\system32\profsvc.dll
16:21:46.0268 5068 ProfSvc - ok
16:21:46.0321 5068 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:21:46.0328 5068 ProtectedStorage - ok
16:21:46.0350 5068 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:21:46.0353 5068 PSched - ok
16:21:46.0385 5068 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
16:21:46.0389 5068 PxHelp20 - ok
16:21:46.0474 5068 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:21:46.0508 5068 ql2300 - ok
16:21:46.0529 5068 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:21:46.0532 5068 ql40xx - ok
16:21:46.0563 5068 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
16:21:46.0570 5068 QWAVE - ok
16:21:46.0586 5068 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:21:46.0588 5068 QWAVEdrv - ok
16:21:46.0608 5068 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:21:46.0610 5068 RasAcd - ok
16:21:46.0631 5068 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
16:21:46.0638 5068 RasAuto - ok
16:21:46.0655 5068 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:21:46.0658 5068 Rasl2tp - ok
16:21:46.0679 5068 [ 6A43A313B384CA0B1ACCBA47EE504764 ] RasMan C:\Windows\System32\rasmans.dll
16:21:46.0686 5068 RasMan - ok
16:21:46.0714 5068 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:21:46.0716 5068 RasPppoe - ok
16:21:46.0781 5068 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:21:46.0786 5068 rdbss - ok
16:21:46.0795 5068 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:21:46.0797 5068 RDPCDD - ok
16:21:46.0823 5068 [ 87EE019FE9FBFF071D76CCF9EC794646 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:21:46.0829 5068 rdpdr - ok
16:21:46.0835 5068 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:21:46.0836 5068 RDPENCDD - ok
16:21:46.0858 5068 [ E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:21:46.0862 5068 RDPWD - ok
16:21:46.0894 5068 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
16:21:46.0898 5068 RemoteAccess - ok
16:21:46.0912 5068 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:21:46.0920 5068 RemoteRegistry - ok
16:21:47.0010 5068 [ C1C132455200AD4704142442C89D0FA4 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:21:47.0013 5068 RichVideo - ok
16:21:47.0035 5068 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:21:47.0039 5068 RpcLocator - ok
16:21:47.0062 5068 [ B1BB45E24717A7F790B4411C4446EF5E ] RpcSs C:\Windows\system32\rpcss.dll
16:21:47.0070 5068 RpcSs - ok
16:21:47.0173 5068 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:21:47.0176 5068 rspndr - ok
16:21:47.0213 5068 [ 904FD29EC1FF2709099AE2CD1C09A913 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
16:21:47.0216 5068 RTL8169 - ok
16:21:47.0278 5068 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] SamSs C:\Windows\system32\lsass.exe
16:21:47.0284 5068 SamSs - ok
16:21:47.0307 5068 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:21:47.0312 5068 sbp2port - ok
16:21:47.0395 5068 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:21:47.0405 5068 SCardSvr - ok
16:21:47.0451 5068 [ BF17DA9F25A4F84C2577AC13EE126CB7 ] Schedule C:\Windows\system32\schedsvc.dll
16:21:47.0531 5068 Schedule - ok
16:21:47.0552 5068 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:21:47.0555 5068 SCPolicySvc - ok
16:21:47.0566 5068 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:21:47.0579 5068 SDRSVC - ok
16:21:47.0622 5068 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:21:47.0625 5068 secdrv - ok
16:21:47.0641 5068 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
16:21:47.0651 5068 seclogon - ok
16:21:47.0671 5068 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
16:21:47.0682 5068 SENS - ok
16:21:47.0702 5068 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:21:47.0706 5068 Serenum - ok
16:21:47.0740 5068 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
16:21:47.0744 5068 Serial - ok
16:21:47.0800 5068 [ 2BAF2ABC0DA0D50EBE8289C720977052 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:21:47.0803 5068 sermouse - ok
16:21:47.0848 5068 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
16:21:47.0859 5068 SessionEnv - ok
16:21:47.0872 5068 [ 55B145D4248012D306DA8E92FA9FDC20 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:21:47.0875 5068 sffdisk - ok
16:21:47.0888 5068 [ B86DFCD55294A0495571A27B861E6EF3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:21:47.0891 5068 sffp_mmc - ok
16:21:47.0900 5068 [ 5B327B59FAE2B01C34690D91ED03786E ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:21:47.0905 5068 sffp_sd - ok
16:21:47.0915 5068 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:21:47.0919 5068 sfloppy - ok
16:21:47.0970 5068 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:21:47.0978 5068 SharedAccess - ok
16:21:48.0018 5068 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:21:48.0031 5068 ShellHWDetection - ok
16:21:48.0077 5068 [ E5773C4CFF310D00A59DB01EF4074135 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:21:48.0081 5068 sisagp - ok
16:21:48.0130 5068 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:21:48.0133 5068 SiSRaid2 - ok
16:21:48.0167 5068 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:21:48.0172 5068 SiSRaid4 - ok
16:21:48.0277 5068 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:21:48.0280 5068 SkypeUpdate - ok
16:21:48.0426 5068 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
16:21:48.0568 5068 slsvc - ok
16:21:48.0618 5068 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:21:48.0630 5068 SLUINotify - ok
16:21:48.0646 5068 [ 46BAF398809A0F3B2D3300A1760E4B91 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:21:48.0650 5068 Smb - ok
16:21:48.0711 5068 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
16:21:48.0766 5068 smserial - ok
16:21:48.0830 5068 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:21:48.0841 5068 SNMPTRAP - ok
16:21:48.0898 5068 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
16:21:48.0900 5068 spldr - ok
16:21:48.0921 5068 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
16:21:48.0929 5068 Spooler - ok
16:21:48.0961 5068 [ 081BE0D7A95AF38D2AA238AFCFC103AA ] srv C:\Windows\system32\DRIVERS\srv.sys
16:21:48.0967 5068 srv - ok
16:21:48.0990 5068 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:21:48.0994 5068 srv2 - ok
16:21:49.0006 5068 [ 3D2CA9F958FB6E28447DA61F65B9DEBA ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:21:49.0009 5068 srvnet - ok
16:21:49.0031 5068 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:21:49.0040 5068 SSDPSRV - ok
16:21:49.0093 5068 [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus C:\Windows\system32\DRIVERS\ssm_bus.sys
16:21:49.0096 5068 ssm_bus - ok
16:21:49.0128 5068 [ 7A95B5DEB594616F1693486B8161411E ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:21:49.0130 5068 StillCam - ok
16:21:49.0159 5068 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
16:21:49.0179 5068 stisvc - ok
16:21:49.0206 5068 [ 9C539AAFFB0B6D7BCE984C74317FF29F ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:21:49.0208 5068 swenum - ok
16:21:49.0225 5068 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
16:21:49.0236 5068 swprv - ok
16:21:49.0259 5068 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:21:49.0261 5068 Symc8xx - ok
16:21:49.0296 5068 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:21:49.0298 5068 Sym_hi - ok
16:21:49.0336 5068 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:21:49.0338 5068 Sym_u3 - ok
16:21:49.0379 5068 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
16:21:49.0401 5068 SysMain - ok
16:21:49.0451 5068 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:21:49.0458 5068 TabletInputService - ok
16:21:49.0536 5068 [ 9C574F1879936F5761F5322A5962E4F1 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:21:49.0542 5068 TapiSrv - ok
16:21:49.0568 5068 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
16:21:49.0575 5068 TBS - ok
16:21:49.0633 5068 [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:21:49.0665 5068 Tcpip - ok
16:21:49.0689 5068 [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:21:49.0696 5068 Tcpip6 - ok
16:21:49.0729 5068 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:21:49.0731 5068 tcpipreg - ok
16:21:49.0761 5068 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:21:49.0763 5068 TDPIPE - ok
16:21:49.0795 5068 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:21:49.0797 5068 TDTCP - ok
16:21:49.0817 5068 [ 7973F7239486800CD79E4FDBAB6A07DF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:21:49.0820 5068 tdx - ok
16:21:49.0949 5068 [ 0835A6C3C951A440AD03FB3DAB953D16 ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
16:21:49.0968 5068 TeamViewer6 - ok
16:21:49.0986 5068 [ CFE870506361BAC80A549749116AD870 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:21:49.0988 5068 TermDD - ok
16:21:50.0032 5068 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
16:21:50.0054 5068 TermService - ok
16:21:50.0113 5068 [ 8C80A73A5D77B2208CA91E4FA269981D ] TestHandler C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
16:21:50.0116 5068 TestHandler - ok
16:21:50.0131 5068 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
16:21:50.0138 5068 Themes - ok
16:21:50.0149 5068 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
16:21:50.0153 5068 THREADORDER - ok
16:21:50.0171 5068 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
16:21:50.0178 5068 TrkWks - ok
16:21:50.0237 5068 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:50.0238 5068 TrustedInstaller - ok
16:21:50.0260 5068 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:50.0262 5068 tssecsrv - ok
16:21:50.0328 5068 [ 82E6EBF3AA91C54B86F8A0C4A010BDBD ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
16:21:50.0336 5068 TuneUp.Defrag - ok
16:21:50.0388 5068 [ D9230F155742E47EC7AD87FBCB070665 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
16:21:50.0421 5068 TuneUp.UtilitiesSvc - ok
16:21:50.0460 5068 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
16:21:50.0462 5068 TuneUpUtilitiesDrv - ok
16:21:50.0507 5068 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:21:50.0509 5068 tunmp - ok
16:21:50.0520 5068 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:21:50.0522 5068 tunnel - ok
16:21:50.0555 5068 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:21:50.0557 5068 uagp35 - ok
16:21:50.0580 5068 [ DEEA398A92952CCC421BA5B39662CABE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:21:50.0586 5068 udfs - ok
16:21:50.0631 5068 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:21:50.0638 5068 UI0Detect - ok
16:21:50.0668 5068 [ 5895EF4D0F1424392EE6439250E25677 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:21:50.0670 5068 uliagpkx - ok
16:21:50.0701 5068 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:21:50.0706 5068 uliahci - ok
16:21:50.0729 5068 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:21:50.0732 5068 UlSata - ok
16:21:50.0760 5068 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:21:50.0764 5068 ulsata2 - ok
16:21:50.0787 5068 [ DC8828971D997DE009647FCE59E0CE8F ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:21:50.0789 5068 umbus - ok
16:21:50.0814 5068 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
16:21:50.0825 5068 upnphost - ok
16:21:50.0862 5068 [ 3F795D59734259A00D385FBD65191BF4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:50.0866 5068 usbccgp - ok
16:21:50.0878 5068 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:21:50.0881 5068 usbcir - ok
16:21:50.0912 5068 [ 5555F6DF13A1A1C327D67E9DA7B99AEE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:21:50.0914 5068 usbehci - ok
16:21:50.0929 5068 [ 8DABB8CB47E0736930CF6492AED361A6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:21:50.0934 5068 usbhub - ok
16:21:50.0959 5068 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:21:50.0961 5068 usbohci - ok
16:21:51.0000 5068 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:21:51.0002 5068 usbprint - ok
16:21:51.0060 5068 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:21:51.0062 5068 usbscan - ok
16:21:51.0105 5068 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:51.0107 5068 USBSTOR - ok
16:21:51.0136 5068 [ 718FDF0B0F16E1D3B992F95EADF1AF75 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:21:51.0137 5068 usbuhci - ok
16:21:51.0179 5068 [ 9392A75BB21F22391C28274DBCAAD410 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:21:51.0183 5068 usbvideo - ok
16:21:51.0226 5068 [ EF1DB5ED65199A8A75D06F965DF25F32 ] UxSms C:\Windows\System32\uxsms.dll
16:21:51.0232 5068 UxSms - ok
16:21:51.0268 5068 [ E3EA22C677D1F808D833862422D09702 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
16:21:51.0275 5068 UxTuneUp - ok
16:21:51.0307 5068 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
16:21:51.0328 5068 vds - ok
16:21:51.0373 5068 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:51.0375 5068 vga - ok
16:21:51.0403 5068 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:21:51.0406 5068 VgaSave - ok
16:21:51.0444 5068 [ 66E64D5CBEB047C90E65F0962483A5B2 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:21:51.0446 5068 viaagp - ok
16:21:51.0474 5068 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:21:51.0476 5068 ViaC7 - ok
16:21:51.0500 5068 [ 7100B56688C5D6D7695D18FD001F0CD6 ] viaide C:\Windows\system32\drivers\viaide.sys
16:21:51.0502 5068 viaide - ok
16:21:51.0527 5068 [ 7DC3E1DC6E4F8BE381C31BFEA578412A ] viamraid C:\Windows\system32\drivers\viamraid.sys
16:21:51.0530 5068 viamraid - ok
16:21:51.0558 5068 [ CC8A64A532FD2844EE68F4061ED8A7FD ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:21:51.0561 5068 volmgr - ok
16:21:51.0576 5068 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:21:51.0583 5068 volmgrx - ok
16:21:51.0603 5068 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:21:51.0608 5068 volsnap - ok
16:21:51.0630 5068 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:21:51.0633 5068 vsmraid - ok
16:21:51.0692 5068 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
16:21:51.0729 5068 VSS - ok
16:21:51.0756 5068 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
16:21:51.0767 5068 W32Time - ok
16:21:51.0796 5068 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:21:51.0798 5068 WacomPen - ok
16:21:51.0831 5068 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:21:51.0834 5068 Wanarp - ok
16:21:51.0844 5068 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:21:51.0847 5068 Wanarpv6 - ok
16:21:51.0868 5068 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:21:51.0879 5068 wcncsvc - ok
16:21:51.0895 5068 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:51.0902 5068 WcsPlugInService - ok
16:21:51.0923 5068 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
16:21:51.0925 5068 Wd - ok
16:21:51.0954 5068 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:21:51.0965 5068 Wdf01000 - ok
16:21:51.0983 5068 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:21:51.0989 5068 WdiServiceHost - ok
16:21:51.0994 5068 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:21:52.0001 5068 WdiSystemHost - ok
16:21:52.0025 5068 [ E6D41C3809FEE6473090F3200DF95680 ] WebClient C:\Windows\System32\webclnt.dll
16:21:52.0032 5068 WebClient - ok
16:21:52.0052 5068 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
16:21:52.0059 5068 Wecsvc - ok
16:21:52.0074 5068 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:21:52.0082 5068 wercplsupport - ok
16:21:52.0095 5068 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
16:21:52.0104 5068 WerSvc - ok
16:21:52.0152 5068 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:21:52.0158 5068 WinDefend - ok
16:21:52.0172 5068 WinHttpAutoProxySvc - ok
16:21:52.0219 5068 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:21:52.0223 5068 Winmgmt - ok
16:21:52.0254 5068 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
16:21:52.0263 5068 WinRM - ok
16:21:52.0313 5068 [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:21:52.0322 5068 Wlansvc - ok
16:21:52.0349 5068 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:21:52.0351 5068 WmiAcpi - ok
16:21:52.0385 5068 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:21:52.0389 5068 wmiApSrv - ok
16:21:52.0466 5068 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:21:52.0496 5068 WMPNetworkSvc - ok
16:21:52.0525 5068 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:21:52.0535 5068 WPCSvc - ok
16:21:52.0555 5068 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:21:52.0562 5068 WPDBusEnum - ok
16:21:52.0619 5068 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:21:52.0621 5068 WpdUsb - ok
16:21:52.0655 5068 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:21:52.0657 5068 ws2ifsl - ok
16:21:52.0678 5068 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
16:21:52.0684 5068 wscsvc - ok
16:21:52.0689 5068 WSearch - ok
16:21:52.0768 5068 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
16:21:52.0788 5068 wuauserv - ok
16:21:52.0812 5068 [ EE0974D4042DA9CF4C569AC4ECA8C9C0 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:52.0815 5068 WUDFRd - ok
16:21:52.0832 5068 [ BCBF4873ECC317A6FC950E36383FC082 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:21:52.0840 5068 wudfsvc - ok
16:21:52.0863 5068 ZTEusbmdm6k - ok
16:21:52.0884 5068 ZTEusbnmea - ok
16:21:52.0896 5068 ZTEusbser6k - ok
16:21:52.0910 5068 ================ Scan global ===============================
16:21:52.0947 5068 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
16:21:52.0967 5068 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:21:53.0001 5068 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:21:53.0033 5068 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
16:21:53.0043 5068 [Global] - ok
16:21:53.0047 5068 ================ Scan MBR ==================================
16:21:53.0060 5068 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:21:53.0443 5068 \Device\Harddisk0\DR0 - ok
16:21:53.0446 5068 ================ Scan VBR ==================================
16:21:53.0450 5068 [ 53111F4321985347925FED138DF74E93 ] \Device\Harddisk0\DR0\Partition1
16:21:53.0452 5068 \Device\Harddisk0\DR0\Partition1 - ok
16:21:53.0481 5068 [ AF75E230717B96EFE6AC65236F47CE46 ] \Device\Harddisk0\DR0\Partition2
16:21:53.0483 5068 \Device\Harddisk0\DR0\Partition2 - ok
16:21:53.0487 5068 ============================================================
16:21:53.0487 5068 Scan finished
16:21:53.0487 5068 ============================================================
16:21:53.0500 3216 Detected object count: 0
16:21:53.0500 3216 Actual detected object count: 0
16:22:31.0818 1380 ============================================================
16:22:31.0818 1380 Scan started
16:22:31.0818 1380 Mode: Manual; SigCheck; TDLFS;
16:22:31.0818 1380 ============================================================
16:22:32.0058 1380 ================ Scan system memory ========================
16:22:32.0058 1380 System memory - ok
16:22:32.0059 1380 ================ Scan services =============================
16:22:32.0213 1380 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
16:22:32.0359 1380 ACPI - ok
16:22:32.0448 1380 [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
16:22:32.0460 1380 AdobeActiveFileMonitor7.0 - ok
16:22:32.0570 1380 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:22:32.0589 1380 AdobeFlashPlayerUpdateSvc - ok
16:22:32.0637 1380 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:22:32.0664 1380 adp94xx - ok
16:22:32.0726 1380 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:22:32.0741 1380 adpahci - ok
16:22:32.0778 1380 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:22:32.0790 1380 adpu160m - ok
16:22:32.0820 1380 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:22:32.0833 1380 adpu320 - ok
16:22:32.0864 1380 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:22:32.0971 1380 AeLookupSvc - ok
16:22:33.0019 1380 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
16:22:33.0087 1380 AFD - ok
16:22:33.0109 1380 [ 198636E76971EBC96404547EC0FD5E75 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:22:33.0123 1380 agp440 - ok
16:22:33.0149 1380 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:22:33.0160 1380 aic78xx - ok
16:22:33.0176 1380 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
16:22:33.0207 1380 ALG - ok
16:22:33.0237 1380 [ 0B3B337A68D9A75CC8D787DC98B53D79 ] aliide C:\Windows\system32\drivers\aliide.sys
16:22:33.0251 1380 aliide - ok
16:22:33.0279 1380 [ 2363ABC8989A14FD7247CA6F4E89D397 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:22:33.0290 1380 amdagp - ok
16:22:33.0315 1380 [ 468A204966D09F327A662C35F4B15DD3 ] amdide C:\Windows\system32\drivers\amdide.sys
16:22:33.0326 1380 amdide - ok
16:22:33.0354 1380 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
16:22:33.0426 1380 AmdK7 - ok
16:22:33.0447 1380 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:22:33.0519 1380 AmdK8 - ok
16:22:33.0554 1380 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
16:22:33.0616 1380 Appinfo - ok
16:22:33.0724 1380 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:22:33.0733 1380 Apple Mobile Device - ok
16:22:33.0755 1380 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
16:22:33.0766 1380 arc - ok
16:22:33.0791 1380 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:22:33.0806 1380 arcsas - ok
16:22:33.0841 1380 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:22:33.0890 1380 aswFsBlk - ok
16:22:33.0941 1380 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:22:33.0952 1380 aswMonFlt - ok
16:22:33.0972 1380 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
16:22:33.0983 1380 aswRdr - ok
16:22:34.0092 1380 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:22:34.0128 1380 aswSnx - ok
16:22:34.0179 1380 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:22:34.0195 1380 aswSP - ok
16:22:34.0212 1380 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:22:34.0222 1380 aswTdi - ok
16:22:34.0259 1380 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:22:34.0331 1380 AsyncMac - ok
16:22:34.0374 1380 [ 0B77F93AB73798F97E8E0A0AA4CCBEEF ] atapi C:\Windows\system32\drivers\atapi.sys
16:22:34.0385 1380 atapi - ok
16:22:34.0478 1380 [ ADFD93663D3BAE4FADC19AD1AE519EE4 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
16:22:34.0523 1380 Ati External Event Utility - ok
16:22:34.0669 1380 [ 389A2668E0C0C6698A6B565632C7F43A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:22:34.0858 1380 atikmdag - ok
16:22:34.0900 1380 [ 0B5302314A77100A930249F0BE9AB2D2 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:22:34.0958 1380 AudioEndpointBuilder - ok
16:22:34.0978 1380 [ 0B5302314A77100A930249F0BE9AB2D2 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:22:35.0000 1380 Audiosrv - ok
16:22:35.0112 1380 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:22:35.0131 1380 avast! Antivirus - ok
16:22:35.0157 1380 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
16:22:35.0275 1380 Beep - ok
16:22:35.0310 1380 [ 96B73CC64BD905EA6CC4E44384ABD8C9 ] BFE C:\Windows\System32\bfe.dll
16:22:35.0363 1380 BFE - ok
16:22:35.0425 1380 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
16:22:35.0492 1380 BITS - ok
16:22:35.0510 1380 blbdrive - ok
16:22:35.0583 1380 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:22:35.0614 1380 Bonjour Service - ok
16:22:35.0637 1380 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:22:35.0710 1380 bowser - ok
16:22:35.0728 1380 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:22:35.0873 1380 BrFiltLo - ok
16:22:35.0937 1380 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:22:36.0048 1380 BrFiltUp - ok
16:22:36.0082 1380 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
16:22:36.0155 1380 Browser - ok
16:22:36.0209 1380 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
16:22:36.0292 1380 Brserid - ok
16:22:36.0310 1380 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:22:36.0398 1380 BrSerWdm - ok
16:22:36.0419 1380 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:22:36.0507 1380 BrUsbMdm - ok
16:22:36.0525 1380 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:22:36.0608 1380 BrUsbSer - ok
16:22:36.0627 1380 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:22:36.0711 1380 BTHMODEM - ok
16:22:36.0773 1380 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:22:36.0864 1380 cdfs - ok
16:22:36.0900 1380 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:22:36.0982 1380 cdrom - ok
16:22:37.0030 1380 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
16:22:37.0092 1380 CertPropSvc - ok
16:22:37.0099 1380 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:22:37.0156 1380 circlass - ok
16:22:37.0206 1380 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
16:22:37.0222 1380 CLFS - ok
16:22:37.0301 1380 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:22:37.0311 1380 clr_optimization_v2.0.50727_32 - ok
16:22:37.0345 1380 CLTNetCnService - ok
16:22:37.0373 1380 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:22:37.0402 1380 CmBatt - ok
16:22:37.0430 1380 [ 2AC0C92B29EC21838F4CB46ADB26BCC0 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:22:37.0444 1380 cmdide - ok
16:22:37.0468 1380 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:22:37.0488 1380 Compbatt - ok
16:22:37.0499 1380 COMSysApp - ok
16:22:37.0511 1380 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:22:37.0532 1380 crcdisk - ok
16:22:37.0554 1380 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
16:22:37.0633 1380 Crusoe - ok
16:22:37.0686 1380 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:22:37.0740 1380 CryptSvc - ok
16:22:37.0786 1380 [ B1BB45E24717A7F790B4411C4446EF5E ] DcomLaunch C:\Windows\system32\rpcss.dll
16:22:37.0817 1380 DcomLaunch - ok
16:22:37.0834 1380 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:22:37.0906 1380 DfsC - ok
16:22:37.0989 1380 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
16:22:38.0138 1380 DFSR - ok
16:22:38.0181 1380 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:22:38.0212 1380 Dhcp - ok
16:22:38.0223 1380 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
16:22:38.0234 1380 disk - ok
16:22:38.0270 1380 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:22:38.0285 1380 Dnscache - ok
16:22:38.0303 1380 [ 32A15AF277E287E5A3AAEC67EDDB258C ] dot3svc C:\Windows\System32\dot3svc.dll
16:22:38.0332 1380 dot3svc - ok
16:22:38.0386 1380 [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:22:38.0476 1380 Dot4 - ok
16:22:38.0500 1380 [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:22:38.0579 1380 Dot4Print - ok
16:22:38.0598 1380 [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:22:38.0668 1380 dot4usb - ok
16:22:38.0696 1380 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
16:22:38.0730 1380 DPS - ok
16:22:38.0764 1380 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:22:38.0841 1380 drmkaud - ok
16:22:38.0877 1380 [ 2D13D9E98CAF6321F219B28921AF214C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:22:38.0932 1380 DXGKrnl - ok
16:22:38.0968 1380 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
16:22:39.0040 1380 E1G60 - ok
16:22:39.0090 1380 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
16:22:39.0162 1380 EapHost - ok
16:22:39.0188 1380 [ 38573398F734B71B06CD2411494F234A ] Ecache C:\Windows\system32\drivers\ecache.sys
16:22:39.0201 1380 Ecache - ok
16:22:39.0257 1380 [ 8EA277BDA2730C9B34ADD67CDD593D64 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:22:39.0289 1380 ehRecvr - ok
16:22:39.0309 1380 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
16:22:39.0325 1380 ehSched - ok
16:22:39.0341 1380 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
16:22:39.0355 1380 ehstart - ok
16:22:39.0399 1380 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:22:39.0414 1380 elxstor - ok
16:22:39.0462 1380 [ 902CDDD9CD94AD1B4688D96FF8F2EDB8 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:22:39.0501 1380 EMDMgmt - ok
16:22:39.0558 1380 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
16:22:39.0582 1380 EventSystem - ok
16:22:39.0588 1380 ewusbnet - ok
16:22:39.0618 1380 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:22:39.0742 1380 fastfat - ok
16:22:39.0767 1380 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:22:39.0874 1380 fdc - ok
16:22:39.0890 1380 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
16:22:39.0956 1380 fdPHost - ok
16:22:40.0058 1380 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
16:22:40.0117 1380 FDResPub - ok
16:22:40.0134 1380 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:22:40.0145 1380 FileInfo - ok
16:22:40.0195 1380 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:22:40.0271 1380 Filetrace - ok
16:22:40.0339 1380 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:22:40.0405 1380 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
16:22:40.0405 1380 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
16:22:40.0448 1380 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:22:40.0550 1380 flpydisk - ok
16:22:40.0605 1380 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:22:40.0618 1380 FltMgr - ok
16:22:40.0720 1380 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:22:40.0729 1380 FontCache3.0.0.0 - ok
16:22:40.0805 1380 [ 6A4125EDBE6D5907D4B1E4514F1F5675 ] FSCLBaseUpdaterService C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
16:22:40.0826 1380 FSCLBaseUpdaterService ( UnsignedFile.Multi.Generic ) - warning
16:22:40.0826 1380 FSCLBaseUpdaterService - detected UnsignedFile.Multi.Generic (1)
16:22:40.0946 1380 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:22:40.0969 1380 Fs_Rec - ok
16:22:41.0120 1380 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:22:41.0134 1380 gagp30kx - ok
16:22:41.0303 1380 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:22:41.0311 1380 GEARAspiWDM - ok
16:22:41.0379 1380 [ AD0C777CD05A4CA30100000AB9B3E30B ] gpsvc C:\Windows\System32\gpsvc.dll
16:22:41.0410 1380 gpsvc - ok
16:22:41.0506 1380 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:22:41.0519 1380 gupdate - ok
16:22:41.0539 1380 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:22:41.0551 1380 gupdatem - ok
16:22:41.0588 1380 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:22:41.0603 1380 gusvc - ok
16:22:41.0649 1380 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:22:41.0742 1380 HdAudAddService - ok
16:22:41.0775 1380 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:22:41.0806 1380 HDAudBus - ok
16:22:41.0828 1380 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:22:41.0893 1380 HidBth - ok
16:22:41.0912 1380 [ F24393C44FDFE2E5E9F416FD3BDF98E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:22:41.0925 1380 HidIr - ok
16:22:41.0946 1380 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
16:22:42.0007 1380 hidserv - ok
16:22:42.0019 1380 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:22:42.0043 1380 HidUsb - ok
16:22:42.0070 1380 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
16:22:42.0128 1380 hkmsvc - ok
16:22:42.0179 1380 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:22:42.0189 1380 HpCISSs - ok
16:22:42.0308 1380 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:22:42.0333 1380 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:22:42.0333 1380 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:22:42.0366 1380 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:22:42.0375 1380 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:22:42.0375 1380 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:22:42.0411 1380 [ 6F9CB6539A1B2508BD1C53D29334431A ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:22:42.0462 1380 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:22:42.0462 1380 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:22:42.0493 1380 [ 481B86E8939289F77FBCEA1B24CEC687 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:22:42.0523 1380 HTTP - ok
16:22:42.0536 1380 hwdatacard - ok
16:22:42.0548 1380 hwusbdev - ok
16:22:42.0592 1380 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:22:42.0603 1380 i2omp - ok
16:22:42.0618 1380 [ BEA9838CD25D36BEBA3F94386A761D60 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:22:42.0632 1380 i8042prt - ok
16:22:42.0679 1380 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:22:42.0692 1380 iaStor - ok
16:22:42.0717 1380 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:22:42.0731 1380 iaStorV - ok
16:22:42.0808 1380 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:22:42.0871 1380 idsvc - ok
16:22:42.0890 1380 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:22:42.0903 1380 iirsp - ok
16:22:42.0951 1380 [ 4456E314E60177B03E5CBE64CD6A337E ] IKEEXT C:\Windows\System32\ikeext.dll
16:22:43.0007 1380 IKEEXT - ok
16:22:43.0127 1380 [ 4FA59A84069D9D0991BAE34CC4AFF99C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:22:43.0253 1380 IntcAzAudAddService - ok
16:22:43.0275 1380 [ 4A6B4C4FAB7716C869FA9D19AC8CA5A5 ] intelide C:\Windows\system32\drivers\intelide.sys
16:22:43.0295 1380 intelide - ok
16:22:43.0320 1380 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:22:43.0437 1380 intelppm - ok
16:22:43.0568 1380 [ A6D67306A3E9E526A8AEFEB9680A90EA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:22:43.0584 1380 IPBusEnum - ok
16:22:43.0601 1380 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:22:43.0675 1380 IpFilterDriver - ok
16:22:43.0709 1380 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:22:43.0735 1380 iphlpsvc - ok
16:22:43.0740 1380 IpInIp - ok
16:22:43.0765 1380 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:22:43.0849 1380 IPMIDRV - ok
16:22:43.0924 1380 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:22:43.0993 1380 IPNAT - ok
16:22:44.0091 1380 [ 49918803B661367023BF325CF602AFDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:22:44.0126 1380 iPod Service - ok
16:22:44.0175 1380 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:22:44.0297 1380 IRENUM - ok
16:22:44.0323 1380 [ CE2997A0C3B0049A3188C4F0C7A04BC9 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:22:44.0346 1380 isapnp - ok
16:22:44.0379 1380 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:22:44.0403 1380 iScsiPrt - ok
16:22:44.0427 1380 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:22:44.0447 1380 iteatapi - ok
16:22:44.0480 1380 [ E4B04A0D8B237ECF026D849439F1BCCE ] itecir C:\Windows\system32\DRIVERS\itecir.sys
16:22:44.0520 1380 itecir - ok
16:22:44.0541 1380 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:22:44.0561 1380 iteraid - ok
16:22:44.0584 1380 [ C1632FE31D1824A43DEA29725312E3FA ] JRAID C:\Windows\system32\drivers\jraid.sys
16:22:44.0611 1380 JRAID - ok
16:22:44.0632 1380 [ C9B0CF786D5F151A43C7BE8E243F2819 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:22:44.0654 1380 kbdclass - ok
16:22:44.0671 1380 [ 97AB2FB84E8E77D93CEE85550F4CF7F9 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:22:44.0697 1380 kbdhid - ok
16:22:44.0734 1380 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] KeyIso C:\Windows\system32\lsass.exe
16:22:44.0769 1380 KeyIso - ok
16:22:44.0810 1380 [ B6FAC1FF7D4A05C06DA9E53DBF5E9E7A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:22:44.0855 1380 KSecDD - ok
16:22:44.0908 1380 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
16:22:45.0036 1380 KtmRm - ok
16:22:45.0235 1380 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
16:22:45.0376 1380 LanmanServer - ok
16:22:45.0436 1380 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:22:45.0470 1380 LanmanWorkstation - ok
16:22:45.0523 1380 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:22:45.0594 1380 lltdio - ok
16:22:45.0643 1380 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:22:45.0728 1380 lltdsvc - ok
16:22:45.0749 1380 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:22:45.0830 1380 lmhosts - ok
16:22:45.0852 1380 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:22:45.0867 1380 LSI_FC - ok
16:22:45.0908 1380 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:22:45.0919 1380 LSI_SAS - ok
16:22:45.0962 1380 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:22:45.0973 1380 LSI_SCSI - ok
16:22:45.0997 1380 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
16:22:46.0050 1380 luafv - ok
16:22:46.0192 1380 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:22:46.0203 1380 MBAMProtector - ok
16:22:46.0534 1380 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:22:46.0565 1380 MBAMScheduler - ok
16:22:46.0626 1380 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:22:46.0671 1380 MBAMService - ok
16:22:46.0750 1380 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
16:22:46.0773 1380 McComponentHostService - ok
16:22:46.0832 1380 [ BF8426A8E3F3856389E26E94A8F1B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:22:46.0900 1380 Mcx2Svc - ok
16:22:46.0949 1380 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
16:22:46.0969 1380 megasas - ok
16:22:46.0993 1380 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
16:22:47.0139 1380 MMCSS - ok
16:22:47.0167 1380 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
16:22:47.0219 1380 Modem - ok
16:22:47.0256 1380 [ EE05F7A5E2CEFB275B08F3E3FCC2A8EB ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:22:47.0285 1380 monitor - ok
16:22:47.0291 1380 [ 4A00B3CF90AD075193CA5AEECE71154C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:22:47.0302 1380 mouclass - ok
16:22:47.0319 1380 [ 8D9B701D716843C39E93B3432CB721FC ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:22:47.0333 1380 mouhid - ok
16:22:47.0378 1380 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:22:47.0388 1380 MountMgr - ok
16:22:47.0474 1380 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:22:47.0485 1380 MozillaMaintenance - ok
16:22:47.0518 1380 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
16:22:47.0529 1380 mpio - ok
16:22:47.0547 1380 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:22:47.0578 1380 mpsdrv - ok
16:22:47.0605 1380 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
16:22:47.0661 1380 MpsSvc - ok
16:22:47.0683 1380 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:22:47.0693 1380 Mraid35x - ok
16:22:47.0715 1380 [ 08F0C494A69CF3106EE7FFC48D8E5AC7 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:22:47.0731 1380 MRxDAV - ok
16:22:47.0769 1380 [ BBB0D31B477CFF3B4F737ED0367F635F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:22:47.0804 1380 mrxsmb - ok
16:22:47.0828 1380 [ A6130566AC4178473B5DAC8F8F74407D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:22:47.0859 1380 mrxsmb10 - ok
16:22:47.0885 1380 [ 3D475E770D3AB2D0C5E3E1386871F9DA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:22:47.0913 1380 mrxsmb20 - ok
16:22:47.0942 1380 [ 13FA01D10C95762E3E191BB023DFA8CC ] msahci C:\Windows\system32\drivers\msahci.sys
16:22:47.0956 1380 msahci - ok
16:22:47.0980 1380 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:22:47.0996 1380 msdsm - ok
16:22:48.0034 1380 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
16:22:48.0056 1380 MSDTC - ok
16:22:48.0080 1380 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:22:48.0162 1380 Msfs - ok
16:22:48.0182 1380 [ 0A64168B63535520ADFD6B959695404A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:22:48.0196 1380 msisadrv - ok
16:22:48.0237 1380 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:22:48.0332 1380 MSiSCSI - ok
16:22:48.0337 1380 msiserver - ok
16:22:48.0398 1380 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:22:48.0464 1380 MSKSSRV - ok
16:22:48.0480 1380 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:22:48.0539 1380 MSPCLOCK - ok
16:22:48.0554 1380 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:22:48.0607 1380 MSPQM - ok
16:22:48.0637 1380 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:22:48.0649 1380 MsRPC - ok
16:22:48.0686 1380 [ E09CEDB1BCA303B7F6AE22F512E56969 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:22:48.0697 1380 mssmbios - ok
16:22:48.0714 1380 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:22:48.0776 1380 MSTEE - ok
16:22:48.0795 1380 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
16:22:48.0805 1380 Mup - ok
16:22:48.0837 1380 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
16:22:48.0897 1380 napagent - ok
16:22:48.0942 1380 [ BE8C26E61BE5C5A49A6BABD17AEED1B7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:22:48.0964 1380 NativeWifiP - ok
16:22:49.0025 1380 [ 6E8DFFACE597629CEF5DF7D69217628F ] NDIS C:\Windows\system32\drivers\ndis.sys
16:22:49.0047 1380 NDIS - ok
16:22:49.0072 1380 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:22:49.0090 1380 NdisTapi - ok
16:22:49.0107 1380 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:22:49.0185 1380 Ndisuio - ok
16:22:49.0210 1380 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:22:49.0278 1380 NdisWan - ok
16:22:49.0290 1380 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:22:49.0315 1380 NDProxy - ok
16:22:49.0360 1380 [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:22:49.0379 1380 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:22:49.0380 1380 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:22:49.0385 1380 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:22:49.0438 1380 NetBIOS - ok
16:22:49.0461 1380 [ 231F6CCFDB7A604221F18FB0852C8560 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:22:49.0478 1380 netbt - ok
16:22:49.0485 1380 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] Netlogon C:\Windows\system32\lsass.exe
16:22:49.0501 1380 Netlogon - ok
16:22:49.0544 1380 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
16:22:49.0621 1380 Netman - ok
16:22:49.0663 1380 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
16:22:49.0734 1380 netprofm - ok
16:22:49.0791 1380 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:22:49.0802 1380 NetTcpPortSharing - ok
16:22:49.0880 1380 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
16:22:50.0001 1380 NETw3v32 - ok
|
|
24.09.2012, 21:06
| #20 |
| | Avast blockiert URL bei Google ChromeCode:
ATTFilter 16:22:50.0106 1380 [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
16:22:50.0218 1380 NETw4v32 - ok
16:22:50.0243 1380 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:22:50.0257 1380 nfrd960 - ok
16:22:50.0291 1380 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
16:22:50.0348 1380 NlaSvc - ok
16:22:50.0423 1380 [ 7B273501C59D52978B761F82BEBADB06 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
16:22:50.0435 1380 NMIndexingService - ok
16:22:50.0448 1380 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:22:50.0510 1380 Npfs - ok
16:22:50.0530 1380 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
16:22:50.0586 1380 nsi - ok
16:22:50.0603 1380 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:22:50.0659 1380 nsiproxy - ok
16:22:50.0737 1380 [ F08824715CA6076F5E73E005AB83B9C8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:22:50.0801 1380 Ntfs - ok
16:22:50.0840 1380 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
16:22:50.0948 1380 ntrigdigi - ok
16:22:50.0978 1380 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
16:22:51.0042 1380 Null - ok
16:22:51.0049 1380 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:22:51.0060 1380 nvraid - ok
16:22:51.0088 1380 [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32 C:\Windows\system32\drivers\nvrd32.sys
16:22:51.0099 1380 nvrd32 - ok
16:22:51.0113 1380 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:22:51.0125 1380 nvstor - ok
16:22:51.0161 1380 [ 703E3A7093B0FAC0EEBADBB8E931ECAF ] nvstor32 C:\Windows\system32\drivers\nvstor32.sys
16:22:51.0170 1380 nvstor32 - ok
16:22:51.0199 1380 [ 925EB9E53ECA4473A2D156A02B7418E3 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:22:51.0212 1380 nv_agp - ok
16:22:51.0217 1380 NwlnkFlt - ok
16:22:51.0224 1380 NwlnkFwd - ok
16:22:51.0322 1380 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:22:51.0347 1380 odserv - ok
16:22:51.0373 1380 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:22:51.0495 1380 ohci1394 - ok
16:22:51.0534 1380 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:22:51.0567 1380 ose - ok
16:22:51.0609 1380 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:22:51.0640 1380 p2pimsvc - ok
16:22:51.0664 1380 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
16:22:51.0694 1380 p2psvc - ok
16:22:51.0720 1380 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
16:22:51.0789 1380 Parport - ok
16:22:51.0873 1380 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:22:51.0884 1380 partmgr - ok
16:22:51.0927 1380 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:22:51.0981 1380 Parvdm - ok
16:22:52.0004 1380 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:22:52.0039 1380 PcaSvc - ok
16:22:52.0073 1380 [ A48C4D0ACC933F7A37E52AB0761811AD ] pci C:\Windows\system32\drivers\pci.sys
16:22:52.0086 1380 pci - ok
16:22:52.0120 1380 [ 353968946BCB766F6C5C01717686B382 ] pciide C:\Windows\system32\drivers\pciide.sys
16:22:52.0131 1380 pciide - ok
16:22:52.0174 1380 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:22:52.0187 1380 pcmcia - ok
16:22:52.0234 1380 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:22:52.0348 1380 PEAUTH - ok
16:22:52.0431 1380 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
16:22:52.0575 1380 pla - ok
16:22:52.0607 1380 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:22:52.0629 1380 PlugPlay - ok
16:22:52.0666 1380 [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:22:52.0674 1380 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:22:52.0674 1380 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:22:52.0710 1380 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:22:52.0740 1380 PNRPAutoReg - ok
16:22:52.0800 1380 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:22:52.0837 1380 PNRPsvc - ok
16:22:52.0863 1380 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:22:52.0920 1380 PolicyAgent - ok
16:22:52.0961 1380 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:22:52.0994 1380 PptpMiniport - ok
16:22:53.0022 1380 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
16:22:53.0112 1380 Processor - ok
16:22:53.0148 1380 [ 8B8E8F4734C5C576E3B910DB73756CF1 ] ProfSvc C:\Windows\system32\profsvc.dll
16:22:53.0183 1380 ProfSvc - ok
16:22:53.0201 1380 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:22:53.0218 1380 ProtectedStorage - ok
16:22:53.0229 1380 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:22:53.0243 1380 PSched - ok
16:22:53.0253 1380 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
16:22:53.0262 1380 PxHelp20 - ok
16:22:53.0298 1380 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:22:53.0343 1380 ql2300 - ok
16:22:53.0364 1380 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:22:53.0376 1380 ql40xx - ok
16:22:53.0398 1380 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
16:22:53.0430 1380 QWAVE - ok
16:22:53.0443 1380 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:22:53.0469 1380 QWAVEdrv - ok
16:22:53.0488 1380 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:22:53.0541 1380 RasAcd - ok
16:22:53.0555 1380 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
16:22:53.0627 1380 RasAuto - ok
16:22:53.0646 1380 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:22:53.0690 1380 Rasl2tp - ok
16:22:53.0715 1380 [ 6A43A313B384CA0B1ACCBA47EE504764 ] RasMan C:\Windows\System32\rasmans.dll
16:22:53.0735 1380 RasMan - ok
16:22:53.0749 1380 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:22:53.0803 1380 RasPppoe - ok
16:22:53.0828 1380 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:22:53.0884 1380 rdbss - ok
16:22:53.0897 1380 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:22:53.0952 1380 RDPCDD - ok
16:22:53.0981 1380 [ 87EE019FE9FBFF071D76CCF9EC794646 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:22:54.0013 1380 rdpdr - ok
16:22:54.0018 1380 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:22:54.0070 1380 RDPENCDD - ok
16:22:54.0094 1380 [ E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:22:54.0122 1380 RDPWD - ok
16:22:54.0140 1380 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
16:22:54.0195 1380 RemoteAccess - ok
16:22:54.0226 1380 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:22:54.0283 1380 RemoteRegistry - ok
16:22:54.0346 1380 [ C1C132455200AD4704142442C89D0FA4 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:22:54.0354 1380 RichVideo ( UnsignedFile.Multi.Generic ) - warning
16:22:54.0354 1380 RichVideo - detected UnsignedFile.Multi.Generic (1)
16:22:54.0382 1380 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:22:54.0414 1380 RpcLocator - ok
16:22:54.0442 1380 [ B1BB45E24717A7F790B4411C4446EF5E ] RpcSs C:\Windows\system32\rpcss.dll
16:22:54.0471 1380 RpcSs - ok
16:22:54.0509 1380 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:22:54.0564 1380 rspndr - ok
16:22:54.0604 1380 [ 904FD29EC1FF2709099AE2CD1C09A913 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
16:22:54.0643 1380 RTL8169 - ok
16:22:54.0659 1380 [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] SamSs C:\Windows\system32\lsass.exe
16:22:54.0677 1380 SamSs - ok
16:22:54.0698 1380 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:22:54.0710 1380 sbp2port - ok
16:22:54.0763 1380 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:22:54.0840 1380 SCardSvr - ok
16:22:54.0873 1380 [ BF17DA9F25A4F84C2577AC13EE126CB7 ] Schedule C:\Windows\system32\schedsvc.dll
16:22:54.0904 1380 Schedule - ok
16:22:54.0921 1380 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:22:54.0976 1380 SCPolicySvc - ok
16:22:54.0983 1380 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:22:55.0001 1380 SDRSVC - ok
16:22:55.0025 1380 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:22:55.0096 1380 secdrv - ok
16:22:55.0122 1380 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
16:22:55.0185 1380 seclogon - ok
16:22:55.0196 1380 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
16:22:55.0267 1380 SENS - ok
16:22:55.0283 1380 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:22:55.0349 1380 Serenum - ok
16:22:55.0376 1380 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
16:22:55.0431 1380 Serial - ok
16:22:55.0447 1380 [ 2BAF2ABC0DA0D50EBE8289C720977052 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:22:55.0478 1380 sermouse - ok
16:22:55.0506 1380 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
16:22:55.0571 1380 SessionEnv - ok
16:22:55.0577 1380 [ 55B145D4248012D306DA8E92FA9FDC20 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:22:55.0591 1380 sffdisk - ok
16:22:55.0599 1380 [ B86DFCD55294A0495571A27B861E6EF3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:22:55.0618 1380 sffp_mmc - ok
16:22:55.0631 1380 [ 5B327B59FAE2B01C34690D91ED03786E ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:22:55.0652 1380 sffp_sd - ok
16:22:55.0659 1380 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:22:55.0713 1380 sfloppy - ok
16:22:55.0749 1380 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:22:55.0768 1380 SharedAccess - ok
16:22:55.0820 1380 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:22:55.0861 1380 ShellHWDetection - ok
16:22:55.0891 1380 [ E5773C4CFF310D00A59DB01EF4074135 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:22:55.0902 1380 sisagp - ok
16:22:55.0922 1380 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:22:55.0932 1380 SiSRaid2 - ok
16:22:55.0959 1380 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:22:55.0970 1380 SiSRaid4 - ok
16:22:56.0035 1380 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:22:56.0045 1380 SkypeUpdate - ok
16:22:56.0141 1380 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
16:22:56.0269 1380 slsvc - ok
16:22:56.0299 1380 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:22:56.0317 1380 SLUINotify - ok
16:22:56.0326 1380 [ 46BAF398809A0F3B2D3300A1760E4B91 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:22:56.0351 1380 Smb - ok
16:22:56.0397 1380 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
16:22:56.0505 1380 smserial - ok
16:22:56.0521 1380 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:22:56.0557 1380 SNMPTRAP - ok
16:22:56.0579 1380 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
16:22:56.0589 1380 spldr - ok
16:22:56.0613 1380 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
16:22:56.0633 1380 Spooler - ok
16:22:56.0664 1380 [ 081BE0D7A95AF38D2AA238AFCFC103AA ] srv C:\Windows\system32\DRIVERS\srv.sys
16:22:56.0712 1380 srv - ok
16:22:56.0769 1380 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:22:56.0800 1380 srv2 - ok
16:22:56.0808 1380 [ 3D2CA9F958FB6E28447DA61F65B9DEBA ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:22:56.0837 1380 srvnet - ok
16:22:56.0857 1380 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:22:56.0916 1380 SSDPSRV - ok
16:22:56.0974 1380 [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus C:\Windows\system32\DRIVERS\ssm_bus.sys
16:22:57.0003 1380 ssm_bus - ok
16:22:57.0031 1380 [ 7A95B5DEB594616F1693486B8161411E ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:22:57.0083 1380 StillCam - ok
16:22:57.0129 1380 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
16:22:57.0159 1380 stisvc - ok
16:22:57.0187 1380 [ 9C539AAFFB0B6D7BCE984C74317FF29F ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:22:57.0201 1380 swenum - ok
16:22:57.0214 1380 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
16:22:57.0303 1380 swprv - ok
16:22:57.0329 1380 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:22:57.0343 1380 Symc8xx - ok
16:22:57.0377 1380 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:22:57.0391 1380 Sym_hi - ok
16:22:57.0417 1380 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:22:57.0431 1380 Sym_u3 - ok
16:22:57.0461 1380 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
16:22:57.0496 1380 SysMain - ok
16:22:57.0521 1380 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:22:57.0559 1380 TabletInputService - ok
16:22:57.0583 1380 [ 9C574F1879936F5761F5322A5962E4F1 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:22:57.0611 1380 TapiSrv - ok
16:22:57.0635 1380 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
16:22:57.0701 1380 TBS - ok
16:22:57.0748 1380 [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:22:57.0779 1380 Tcpip - ok
16:22:57.0825 1380 [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:22:57.0857 1380 Tcpip6 - ok
16:22:57.0889 1380 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:22:57.0949 1380 tcpipreg - ok
16:22:57.0976 1380 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:22:58.0029 1380 TDPIPE - ok
16:22:58.0055 1380 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:22:58.0121 1380 TDTCP - ok
16:22:58.0143 1380 [ 7973F7239486800CD79E4FDBAB6A07DF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:22:58.0157 1380 tdx - ok
16:22:58.0275 1380 [ 0835A6C3C951A440AD03FB3DAB953D16 ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
16:22:58.0382 1380 TeamViewer6 - ok
16:22:58.0412 1380 [ CFE870506361BAC80A549749116AD870 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:22:58.0427 1380 TermDD - ok
16:22:58.0469 1380 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
16:22:58.0535 1380 TermService - ok
16:22:58.0595 1380 [ 8C80A73A5D77B2208CA91E4FA269981D ] TestHandler C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
16:22:58.0603 1380 TestHandler ( UnsignedFile.Multi.Generic ) - warning
16:22:58.0603 1380 TestHandler - detected UnsignedFile.Multi.Generic (1)
16:22:58.0625 1380 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
16:22:58.0648 1380 Themes - ok
16:22:58.0664 1380 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
16:22:58.0739 1380 THREADORDER - ok
16:22:58.0764 1380 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
16:22:58.0858 1380 TrkWks - ok
16:22:58.0942 1380 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:22:58.0963 1380 TrustedInstaller - ok
16:22:58.0987 1380 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:22:59.0040 1380 tssecsrv - ok
16:22:59.0099 1380 [ 82E6EBF3AA91C54B86F8A0C4A010BDBD ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
16:22:59.0118 1380 TuneUp.Defrag - ok
16:22:59.0192 1380 [ D9230F155742E47EC7AD87FBCB070665 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
16:22:59.0227 1380 TuneUp.UtilitiesSvc - ok
16:22:59.0254 1380 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
16:22:59.0262 1380 TuneUpUtilitiesDrv - ok
16:22:59.0312 1380 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:22:59.0331 1380 tunmp - ok
16:22:59.0339 1380 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:22:59.0375 1380 tunnel - ok
16:22:59.0404 1380 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:22:59.0418 1380 uagp35 - ok
16:22:59.0452 1380 [ DEEA398A92952CCC421BA5B39662CABE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:22:59.0490 1380 udfs - ok
16:22:59.0524 1380 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:22:59.0548 1380 UI0Detect - ok
16:22:59.0572 1380 [ 5895EF4D0F1424392EE6439250E25677 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:22:59.0584 1380 uliagpkx - ok
16:22:59.0605 1380 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:22:59.0619 1380 uliahci - ok
16:22:59.0645 1380 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:22:59.0656 1380 UlSata - ok
16:22:59.0676 1380 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:22:59.0688 1380 ulsata2 - ok
16:22:59.0703 1380 [ DC8828971D997DE009647FCE59E0CE8F ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:22:59.0718 1380 umbus - ok
16:22:59.0741 1380 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
16:22:59.0807 1380 upnphost - ok
16:22:59.0867 1380 [ 3F795D59734259A00D385FBD65191BF4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:22:59.0901 1380 usbccgp - ok
16:22:59.0950 1380 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:23:00.0044 1380 usbcir - ok
16:23:00.0072 1380 [ 5555F6DF13A1A1C327D67E9DA7B99AEE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:23:00.0091 1380 usbehci - ok
16:23:00.0134 1380 [ 8DABB8CB47E0736930CF6492AED361A6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:23:00.0155 1380 usbhub - ok
16:23:00.0186 1380 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:23:00.0256 1380 usbohci - ok
16:23:00.0283 1380 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:23:00.0372 1380 usbprint - ok
16:23:00.0410 1380 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:23:00.0493 1380 usbscan - ok
16:23:00.0521 1380 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:23:00.0540 1380 USBSTOR - ok
16:23:00.0574 1380 [ 718FDF0B0F16E1D3B992F95EADF1AF75 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:23:00.0592 1380 usbuhci - ok
16:23:00.0629 1380 [ 9392A75BB21F22391C28274DBCAAD410 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:23:00.0670 1380 usbvideo - ok
16:23:00.0698 1380 [ EF1DB5ED65199A8A75D06F965DF25F32 ] UxSms C:\Windows\System32\uxsms.dll
16:23:00.0723 1380 UxSms - ok
16:23:00.0751 1380 [ E3EA22C677D1F808D833862422D09702 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
16:23:00.0767 1380 UxTuneUp - ok
16:23:00.0791 1380 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
16:23:00.0849 1380 vds - ok
16:23:00.0901 1380 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:23:00.0973 1380 vga - ok
16:23:00.0998 1380 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:23:01.0069 1380 VgaSave - ok
16:23:01.0105 1380 [ 66E64D5CBEB047C90E65F0962483A5B2 ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:23:01.0121 1380 viaagp - ok
16:23:01.0146 1380 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:23:01.0209 1380 ViaC7 - ok
16:23:01.0228 1380 [ 7100B56688C5D6D7695D18FD001F0CD6 ] viaide C:\Windows\system32\drivers\viaide.sys
16:23:01.0239 1380 viaide - ok
16:23:01.0277 1380 [ 7DC3E1DC6E4F8BE381C31BFEA578412A ] viamraid C:\Windows\system32\drivers\viamraid.sys
16:23:01.0290 1380 viamraid - ok
16:23:01.0309 1380 [ CC8A64A532FD2844EE68F4061ED8A7FD ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:23:01.0320 1380 volmgr - ok
16:23:01.0330 1380 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:23:01.0346 1380 volmgrx - ok
16:23:01.0364 1380 [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:23:01.0378 1380 volsnap - ok
16:23:01.0389 1380 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:23:01.0401 1380 vsmraid - ok
16:23:01.0454 1380 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
16:23:01.0520 1380 VSS - ok
16:23:01.0551 1380 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
16:23:01.0612 1380 W32Time - ok
16:23:01.0635 1380 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:23:01.0705 1380 WacomPen - ok
16:23:01.0726 1380 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:23:01.0740 1380 Wanarp - ok
16:23:01.0746 1380 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:23:01.0760 1380 Wanarpv6 - ok
16:23:01.0785 1380 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:23:01.0817 1380 wcncsvc - ok
16:23:01.0834 1380 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:23:01.0892 1380 WcsPlugInService - ok
16:23:01.0907 1380 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
16:23:01.0917 1380 Wd - ok
16:23:01.0971 1380 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:23:01.0994 1380 Wdf01000 - ok
16:23:02.0033 1380 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:23:02.0054 1380 WdiServiceHost - ok
16:23:02.0059 1380 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:23:02.0082 1380 WdiSystemHost - ok
16:23:02.0110 1380 [ E6D41C3809FEE6473090F3200DF95680 ] WebClient C:\Windows\System32\webclnt.dll
16:23:02.0131 1380 WebClient - ok
16:23:02.0147 1380 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
16:23:02.0206 1380 Wecsvc - ok
16:23:02.0225 1380 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:23:02.0297 1380 wercplsupport - ok
16:23:02.0313 1380 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
16:23:02.0384 1380 WerSvc - ok
16:23:02.0437 1380 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:23:02.0453 1380 WinDefend - ok
16:23:02.0462 1380 WinHttpAutoProxySvc - ok
16:23:02.0503 1380 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:23:02.0566 1380 Winmgmt - ok
16:23:02.0594 1380 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
16:23:02.0682 1380 WinRM - ok
16:23:02.0732 1380 [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:23:02.0770 1380 Wlansvc - ok
16:23:02.0811 1380 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:23:02.0848 1380 WmiAcpi - ok
16:23:02.0861 1380 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:23:02.0882 1380 wmiApSrv - ok
16:23:02.0960 1380 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:23:03.0049 1380 WMPNetworkSvc - ok
16:23:03.0088 1380 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:23:03.0163 1380 WPCSvc - ok
16:23:03.0184 1380 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:23:03.0212 1380 WPDBusEnum - ok
16:23:03.0259 1380 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:23:03.0313 1380 WpdUsb - ok
16:23:03.0340 1380 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:23:03.0394 1380 ws2ifsl - ok
16:23:03.0418 1380 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
16:23:03.0455 1380 wscsvc - ok
16:23:03.0461 1380 WSearch - ok
16:23:03.0542 1380 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
16:23:03.0663 1380 wuauserv - ok
16:23:03.0686 1380 [ EE0974D4042DA9CF4C569AC4ECA8C9C0 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:23:03.0718 1380 WUDFRd - ok
16:23:03.0739 1380 [ BCBF4873ECC317A6FC950E36383FC082 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:23:03.0782 1380 wudfsvc - ok
16:23:03.0799 1380 ZTEusbmdm6k - ok
16:23:03.0831 1380 ZTEusbnmea - ok
16:23:03.0844 1380 ZTEusbser6k - ok
16:23:03.0864 1380 ================ Scan global ===============================
16:23:03.0888 1380 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
16:23:03.0908 1380 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:23:03.0942 1380 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:23:03.0985 1380 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
16:23:03.0991 1380 [Global] - ok
16:23:03.0992 1380 ================ Scan MBR ==================================
16:23:04.0012 1380 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:23:04.0623 1380 \Device\Harddisk0\DR0 - ok
16:23:04.0624 1380 ================ Scan VBR ==================================
16:23:04.0627 1380 [ 53111F4321985347925FED138DF74E93 ] \Device\Harddisk0\DR0\Partition1
16:23:04.0629 1380 \Device\Harddisk0\DR0\Partition1 - ok
16:23:04.0656 1380 [ AF75E230717B96EFE6AC65236F47CE46 ] \Device\Harddisk0\DR0\Partition2
16:23:04.0658 1380 \Device\Harddisk0\DR0\Partition2 - ok
16:23:04.0658 1380 ============================================================
16:23:04.0658 1380 Scan finished
16:23:04.0658 1380 ============================================================
16:23:04.0670 2240 Detected object count: 9
16:23:04.0670 2240 Actual detected object count: 9
16:23:34.0731 2240 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0731 2240 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0735 2240 FSCLBaseUpdaterService ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0735 2240 FSCLBaseUpdaterService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0738 2240 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0738 2240 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0741 2240 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0741 2240 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0744 2240 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0744 2240 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0747 2240 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0747 2240 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0751 2240 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0751 2240 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0754 2240 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0754 2240 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:23:34.0755 2240 TestHandler ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0755 2240 TestHandler ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
25.09.2012, 10:54
| #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast blockiert URL bei Google Chrome Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ --> Avast blockiert URL bei Google Chrome |
|
25.09.2012, 12:26
| #22 |
| | Avast blockiert URL bei Google Chrome Combofix Logfile: Code:
ATTFilter ComboFix 12-09-24.03 - Possehl 25.09.2012 13:08:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.2046.1107 [GMT 2:00]
ausgeführt von:: c:\users\Possehl\Downloads\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\program files\Incredibar.com
c:\program files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarApp.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarEng.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarsrv.exe
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\uninstall.exe
c:\programdata\100
c:\programdata\ntuser.dat
c:\windows\system32\DEBUG.log
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-25 bis 2012-09-25 ))))))))))))))))))))))))))))))
.
.
2012-09-25 11:17 . 2012-09-25 11:18 -------- d-----w- c:\users\Possehl\AppData\Local\temp
2012-09-25 11:17 . 2012-09-25 11:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-23 20:47 . 2012-09-23 20:47 -------- d-----w- C:\_OTL
2012-09-19 22:13 . 2012-09-19 22:13 -------- d-----w- c:\program files\ESET
2012-09-17 23:18 . 2012-09-17 23:18 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-09-17 21:28 . 2012-09-17 21:28 -------- d-----w- c:\users\Possehl\AppData\Roaming\Malwarebytes
2012-09-17 21:28 . 2012-09-17 21:28 -------- d-----w- c:\programdata\Malwarebytes
2012-09-17 21:28 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-17 21:28 . 2012-09-17 21:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-17 18:34 . 2012-09-17 18:34 -------- d-----w- c:\programdata\McAfee Security Scan
2012-09-17 18:33 . 2012-09-17 19:13 -------- d-----w- c:\program files\McAfee Security Scan
2012-08-31 14:21 . 2012-08-31 14:21 -------- d-----w- c:\program files\Common Files\Java
2012-08-31 14:21 . 2012-08-31 14:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-31 14:20 . 2012-08-31 14:20 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-17 18:33 . 2012-04-30 10:32 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-17 18:33 . 2011-08-02 14:29 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-31 14:19 . 2010-10-06 17:39 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-21 09:13 . 2011-05-17 13:41 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2010-08-02 12:07 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2010-08-02 12:07 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2010-08-02 12:07 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2010-08-02 12:07 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2010-08-02 12:07 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2010-08-02 12:07 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2010-08-02 12:07 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-17 23:18 . 2011-09-27 18:40 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-26 138096]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 4431872]
"NBAgent"="c:\program files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-06-08 1086760]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"fsc-reg"=c:\programdata\fsc-reg\fscreg.exe 20101230
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"Skype"="c:\program files\Skype\\Phone\Skype.exe" /nosplash /minimized
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"Google Update"="c:\users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"recinfo409"=c:\recinfo\RecInfo.exe
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 18:33]
.
2012-09-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job
- c:\users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-29 15:31]
.
2012-09-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job
- c:\users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-29 15:31]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 12:07]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 12:07]
.
2012-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job
- c:\users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 14:59]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job
- c:\users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 14:59]
.
2012-09-25 c:\windows\Tasks\User_Feed_Synchronization-{07D65CD1-F8C0-49BB-8F7A-9619CFE32AEA}.job
- c:\windows\system32\msfeedssync.exe [2010-08-14 04:56]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to Mp3 Converter - c:\users\Possehl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0D890DC5-25F4-4637-9D85-AD800ECA6428}: NameServer = 192.168.200.126,212.49.70.22
FF - ProfilePath - c:\users\Possehl\AppData\Roaming\Mozilla\Firefox\Profiles\hr5jdbu4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-vShare.tv plugin - c:\program files\vShare.tv plugin\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-25 13:17
Windows 6.0.6000 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Zeit der Fertigstellung: 2012-09-25 13:23:29
ComboFix-quarantined-files.txt 2012-09-25 11:23
.
Vor Suchlauf: 8.384.245.760 Bytes frei
Nach Suchlauf: 8.211.611.648 Bytes frei
.
- - End Of File - - 9E36CDEE7E92BF22493F2AA33914A1DA
|
|
25.09.2012, 14:42
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast blockiert URL bei Google Chrome Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.09.2012, 23:25
| #24 |
| | Avast blockiert URL bei Google Chrome GMER logfile Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-26 00:10:54
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD25 rev.01.0
Running: 7fvpumgp.exe; Driver: C:\Users\Possehl\AppData\Local\Temp\uftdyfoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x8D961708]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x8DC347C8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0x8D96211C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x8D96CF28]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x8D96CF74]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x8D96D0F6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x8D96CE96]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8DC34BBA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x8D96CEDE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0x8D962310]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x8D96D0B0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0x8D962A9C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x8D961756]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0x8DC3F808]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x8DC348AC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x8D9613BE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x8D9617A4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x8D966456]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x8D963464]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x8D96CF52]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x8D96CF96]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x8D96D11A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x8D96CEBC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0x8DC3F70C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x8D96D03A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x8D96CF06]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0x8DC3F78A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x8D96D0D4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x8DC34A2C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x8D963330]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThread [0x8D962EDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x8D9617F2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x8D961840]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0x8D96291C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x8D961448]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x8D9615F8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x8D96159E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0x8D962BFE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0x8D962D5A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x8D961668]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwTerminateProcess [0x8DC34AF6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0x8D962794]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x8D96188E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwWriteVirtualMemory [0x8DC34962]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThreadEx [0x8D962498]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8DC4C966]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 734 824811B8 12 Bytes [F2, 17, 96, 8D, 40, 18, 96, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 7E0 82481264 12 Bytes [FE, 2B, 96, 8D, 5A, 2D, 96, ...]
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110 825BFD69 4 Bytes CALL 8D963B07 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121 825C77DC 4 Bytes CALL 8D963B1D \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 825F2D4B 5 Bytes JMP 8DC49806 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 825F8882 5 Bytes JMP 8DC4B320 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 8261381D 7 Bytes JMP 8DC4C96A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text win32k.sys!EngMultiByteToUnicodeN + 2B73 95A210FF 1 Byte [E9]
.text win32k.sys!EngMultiByteToUnicodeN + 2B73 95A210FF 5 Bytes JMP 8D966F20 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetRgnData + C9D 95A24F75 5 Bytes JMP 8D966DDA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetRectRgn + 3DB 95A25536 5 Bytes JMP 8D966C00 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngTransparentBlt + 4E6 95A52E56 5 Bytes JMP 8D967D3E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngTransparentBlt + 37CC 95A5613C 5 Bytes JMP 8D966592 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 323E 95A5BADD 5 Bytes JMP 8D966FB2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XFORMOBJ_iGetXform + 33D0 95A5BC6F 5 Bytes JMP 8D9670A4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 273B 95A5EA94 5 Bytes JMP 8D966866 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + A684 95A669DD 5 Bytes JMP 8D9679A8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 11666 95A6D9BF 5 Bytes JMP 8D96648C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 118A7 95A6DC00 5 Bytes JMP 8D966B40 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 1197A 95A6DCD3 5 Bytes JMP 8D966E06 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text ...
.text win32k.sys!EngMapFontFileFD + F726 95A80E8E 5 Bytes JMP 8D9666E6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPaint + 3291 95A865F3 5 Bytes JMP 8D967BD8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPaint + 69B2 95A89D14 5 Bytes JMP 8D966756 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngEraseSurface + 5C5 95A8D88B 5 Bytes JMP 8D96708C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 44F5 95AAD01C 5 Bytes JMP 8D9665AA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngLpkInstalled + FD1 95AC5B69 5 Bytes JMP 8D96795E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBlt + 3BF8 95AD2D59 5 Bytes JMP 8D967DE0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBlt + 5E54 95AD4FB5 5 Bytes JMP 8D966FCA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bEnum + AA 95AD57BE 5 Bytes JMP 8D967B20 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStrokePath + CE82 95AE2DC9 5 Bytes JMP 8D967918 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 1DC3 95AE9FE1 5 Bytes JMP 8D967A6E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFindImageProcAddress + 1A09 95AF585B 5 Bytes JMP 8D966A6A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteClip + 5A16 95B0B735 5 Bytes JMP 8D966812 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bPolyBezierTo + 62D 95B13A3F 5 Bytes JMP 8D96693E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1661 95B2959C 5 Bytes JMP 8D966FE2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 3868 95B313B1 5 Bytes JMP 8D966682 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 658D 95B340D6 5 Bytes JMP 8D9669D4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1A89 95B6F6AA 5 Bytes JMP 8D967C96 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe[12] KERNEL32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[288] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Bonjour\mDNSResponder.exe[408] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\csrss.exe[580] KERNEL32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\wininit.exe[636] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text ...
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001501F8
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001503FC
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00170A08
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00170600
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00170804
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001703FC
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001701F8
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001803FC
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00180600
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00180A08
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00181014
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00180804
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00180C0C
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00180E10
.text C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001801F8
.text C:\Windows\system32\svchost.exe[968] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\Ati2evxx.exe[1004] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\svchost.exe[1076] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1092] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text ...
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1556] kernel32.dll!SetUnhandledExceptionFilter 76E8D177 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Windows\ehome\ehtray.exe[1584] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\ehome\ehtray.exe[1584] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\ehome\ehtray.exe[1584] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\ehome\ehtray.exe[1584] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00080A08
.text C:\Windows\ehome\ehtray.exe[1584] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00080600
.text C:\Windows\ehome\ehtray.exe[1584] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00080804
.text C:\Windows\ehome\ehtray.exe[1584] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000803FC
.text C:\Windows\ehome\ehtray.exe[1584] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000801F8
.text C:\Windows\system32\Ati2evxx.exe[1624] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\mobsync.exe[1720] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\System32\mobsync.exe[1720] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\System32\mobsync.exe[1720] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\System32\mobsync.exe[1720] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 000A0A08
.text C:\Windows\System32\mobsync.exe[1720] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 000A0600
.text C:\Windows\System32\mobsync.exe[1720] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 000A0804
.text C:\Windows\System32\mobsync.exe[1720] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000A03FC
.text C:\Windows\System32\mobsync.exe[1720] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000A01F8
.text C:\Windows\System32\spoolsv.exe[1764] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\svchost.exe[1788] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe[1988] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[2056] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2160] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[2160] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[2160] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[2160] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 002A0A08
.text C:\Windows\system32\svchost.exe[2160] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 002A0600
.text C:\Windows\system32\svchost.exe[2160] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 002A0804
.text C:\Windows\system32\svchost.exe[2160] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 002A03FC
.text C:\Windows\system32\svchost.exe[2160] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 002A01F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001A03FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 001A0600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 001A0A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 001A1014
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 001A0804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 001A0C0C
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 001A0E10
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001A01F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 001B0A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 001B0600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 001B0804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001B03FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001B01F8
.text C:\Windows\System32\svchost.exe[2284] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[2284] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[2284] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\System32\svchost.exe[2284] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 000C0A08
.text C:\Windows\System32\svchost.exe[2284] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 000C0600
.text C:\Windows\System32\svchost.exe[2284] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 000C0804
.text C:\Windows\System32\svchost.exe[2284] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000C03FC
.text C:\Windows\System32\svchost.exe[2284] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000C01F8
.text C:\Windows\System32\svchost.exe[2316] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[2316] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[2316] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[2328] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000901F8
.text C:\Windows\system32\svchost.exe[2328] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000903FC
.text C:\Windows\system32\svchost.exe[2328] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000B03FC
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 000B0600
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 000B0A08
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 000B1014
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 000B0804
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 000B0C0C
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 000B0E10
.text C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000B01F8
.text C:\Windows\system32\svchost.exe[2328] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 000E0A08
.text C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 000E0600
.text C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 000E0804
.text C:\Windows\system32\svchost.exe[2328] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000E03FC
.text C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000E01F8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001401F8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001403FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00260A08
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00260600
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00260804
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 002603FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 002601F8
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 002703FC
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00270600
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00270A08
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00271014
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00270804
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00270C0C
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00270E10
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 002701F8
.text C:\Windows\system32\svchost.exe[2612] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\svchost.exe[2612] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\svchost.exe[2612] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\system32\svchost.exe[2612] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00C00A08
.text C:\Windows\system32\svchost.exe[2612] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00C00600
.text C:\Windows\system32\svchost.exe[2612] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00C00804
.text C:\Windows\system32\svchost.exe[2612] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 00C003FC
.text C:\Windows\system32\svchost.exe[2612] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 00C001F8
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001501F8
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001503FC
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001703FC
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00170600
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00170A08
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00171014
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00170804
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00170C0C
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00170E10
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001701F8
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00180A08
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00180600
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00180804
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001803FC
.text C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001801F8
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001501F8
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001503FC
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00170A08
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00170600
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00170804
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001703FC
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001701F8
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001803FC
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00180600
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00180A08
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00181014
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00180804
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00180C0C
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00180E10
.text C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001801F8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00070A08
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00070600
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00070804
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000703FC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000701F8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000803FC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00080600
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00080A08
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00081014
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00080804
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00080C0C
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00080E10
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000801F8
.text C:\Windows\System32\svchost.exe[2844] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\System32\svchost.exe[2844] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000B03FC
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 000B0600
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 000B0A08
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 000B1014
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 000B0804
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 000B0C0C
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 000B0E10
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000B01F8
.text C:\Windows\system32\SearchIndexer.exe[2864] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\SearchIndexer.exe[2864] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\SearchIndexer.exe[2864] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00080A08
.text C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00080600
.text C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00080804
.text C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000803FC
.text C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000801F8
.text C:\Windows\system32\taskeng.exe[2972] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\taskeng.exe[2972] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\taskeng.exe[2972] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\system32\taskeng.exe[2972] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00080A08
.text C:\Windows\system32\taskeng.exe[2972] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00080600
.text C:\Windows\system32\taskeng.exe[2972] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00080804
.text C:\Windows\system32\taskeng.exe[2972] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000803FC
.text C:\Windows\system32\taskeng.exe[2972] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000801F8
.text C:\Windows\system32\Dwm.exe[2976] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\Dwm.exe[2976] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\Dwm.exe[2976] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Windows\system32\Dwm.exe[2976] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00080A08
.text C:\Windows\system32\Dwm.exe[2976] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00080600
.text C:\Windows\system32\Dwm.exe[2976] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00080804
.text C:\Windows\system32\Dwm.exe[2976] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000803FC
.text C:\Windows\system32\Dwm.exe[2976] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000801F8
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001601F8
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001603FC
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00170A08
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00170600
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00170804
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001703FC
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001701F8
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001803FC
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00180600
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00180A08
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00181014
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00180804
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00180C0C
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00180E10
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001801F8
.text C:\Windows\Explorer.EXE[2988] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\Explorer.EXE[2988] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\Explorer.EXE[2988] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000B03FC
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 000B0600
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 000B0A08
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 000B1014
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 000B0804
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 000B0C0C
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 000B0E10
.text C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000B01F8
.text C:\Windows\Explorer.EXE[2988] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 000C0A08
.text C:\Windows\Explorer.EXE[2988] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 000C0600
.text C:\Windows\Explorer.EXE[2988] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 000C0804
.text C:\Windows\Explorer.EXE[2988] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000C03FC
.text C:\Windows\Explorer.EXE[2988] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000C01F8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00070A08
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00070600
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00070804
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000703FC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000701F8
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000803FC
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00080600
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00080A08
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00081014
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00080804
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00080C0C
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00080E10
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000801F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000903FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00090600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00090A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00091014
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00090804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00090C0C
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00090E10
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000901F8
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00A30A08
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00A30600
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00A30804
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 00A303FC
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 00A301F8
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000701F8
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000703FC
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateFile + 6 775FF41A 4 Bytes [28, 00, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateFile + B 775FF41F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateKey + 6 775FF45A 4 Bytes [68, 01, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateKey + B 775FF45F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateMutant + 6 775FF48A 4 Bytes [28, 02, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateMutant + B 775FF48F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateSection + 6 775FF50A 4 Bytes [68, 02, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateSection + B 775FF50F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtMapViewOfSection + 6 775FFB6A 4 Bytes [A8, 04, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtMapViewOfSection + B 775FFB6F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenFile + 6 775FFBFA 4 Bytes [68, 00, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenFile + B 775FFBFF 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenKey + 6 775FFC2A 4 Bytes [A8, 01, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenKey + B 775FFC2F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenMutant + 6 775FFC4A 4 Bytes CALL 76600250 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenMutant + B 775FFC4F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcess + 6 775FFC7A 1 Byte [28]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcess + 6 775FFC7A 4 Bytes [28, 03, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcess + B 775FFC7F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessToken + 6 775FFC8A 1 Byte [68]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessToken + 6 775FFC8A 4 Bytes [68, 03, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessToken + B 775FFC8F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessTokenEx + 6 775FFC9A 4 Bytes [28, 04, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessTokenEx + B 775FFC9F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenSection + 6 775FFCAA 4 Bytes [A8, 02, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenSection + B 775FFCAF 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThread + 6 775FFCEA 4 Bytes CALL 766002F1 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThread + B 775FFCEF 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadToken + 6 775FFCFA 1 Byte [E8]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadToken + 6 775FFCFA 4 Bytes CALL 76600302 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadToken + B 775FFCFF 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadTokenEx + 6 775FFD0A 4 Bytes [68, 04, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadTokenEx + B 775FFD0F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryAttributesFile + 6 775FFD9A 4 Bytes [A8, 00, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryAttributesFile + B 775FFD9F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryFullAttributesFile + 6 775FFE4A 4 Bytes CALL 7660044F C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryFullAttributesFile + B 775FFE4F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationFile + 6 7760036A 4 Bytes [28, 01, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationFile + B 7760036F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationThread + 6 776003BA 1 Byte [A8]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationThread + 6 776003BA 4 Bytes [A8, 03, 06, 00]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationThread + B 776003BF 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtUnmapViewOfSection + 6 7760065A 4 Bytes CALL 76600C63 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtUnmapViewOfSection + B 7760065F 1 Byte [E2]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!CreateProcessW 76E61D27 5 Bytes JMP 000100B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!CreateProcessA 76E61D5C 5 Bytes JMP 000100F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!OpenEventW 76E84CB8 5 Bytes JMP 00010070
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!CreateEventW 76E89146 5 Bytes JMP 00010030
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!DeleteObject 76FD5A1F 5 Bytes JMP 001A01B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetDeviceCaps 76FD5EA6 5 Bytes JMP 001A03B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SelectObject 76FD5FC0 5 Bytes JMP 001A05F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetBkMode 76FD6390 5 Bytes JMP 001A08F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetTextColor 76FD64BF 5 Bytes JMP 001A0A30
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetStretchBltMode 76FD6624 5 Bytes JMP 001A06B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!DeleteDC 76FD69A5 5 Bytes JMP 001A0170
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StretchDIBits 76FD6F0F 5 Bytes JMP 001A0770
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextMetricsW 76FD720B 5 Bytes JMP 001A0E30
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetCurrentObject 76FD7419 5 Bytes JMP 001A0370
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!RestoreDC 76FD74AA 5 Bytes JMP 001A0530
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SaveDC 76FD7557 5 Bytes JMP 001A0570
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextAlign 76FD7A93 5 Bytes JMP 001A0D70
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtSelectClipRgn 76FD7AE2 5 Bytes JMP 001A02F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SelectClipRgn 76FD7BED 5 Bytes JMP 001A05B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetTextAlign 76FD7E09 5 Bytes JMP 001A09F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!IntersectClipRect 76FD82B4 5 Bytes JMP 001A03F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetICMMode 76FD88BB 5 Bytes JMP 001A0DB0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtTextOutW 76FD89EC 5 Bytes JMP 001A0970
|
|
25.09.2012, 23:26
| #25 |
| | Avast blockiert URL bei Google Chrome Teil2: Code:
ATTFilter .text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!MoveToEx 76FD8E09 5 Bytes JMP 001A0470
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!Rectangle 76FD90CA 5 Bytes JMP 001A09B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetClipBox 76FD989D 5 Bytes JMP 001A0330
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextFaceW 76FDA788 5 Bytes JMP 001A0D30
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextExtentPoint32W 76FDABB5 5 Bytes JMP 001A0670
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateDCA 76FDBCD9 5 Bytes JMP 001A00B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateDCW 76FDBE99 5 Bytes JMP 001A00F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateICW 76FDBEDD 5 Bytes JMP 001A0130
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetFontData 76FDC6E3 5 Bytes JMP 001A0C70
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetWorldTransform 76FDCC0A 5 Bytes JMP 001A06F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextMetricsA 76FDD201 5 Bytes JMP 001A0DF0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!LineTo 76FE0984 5 Bytes JMP 001A0430
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtTextOutA 76FE10E8 5 Bytes JMP 001A0930
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextExtentPoint32A 76FE11A7 5 Bytes JMP 001A0630
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtEscape 76FE544B 5 Bytes JMP 001A02B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!EndPage 76FE70FC 5 Bytes JMP 001A0230
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetMiterLimit 76FE98D2 5 Bytes JMP 001A0B70
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ResetDCW 76FEF929 5 Bytes JMP 001A0AB0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextFaceA 76FEFE74 5 Bytes JMP 001A0CF0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetPolyFillMode 76FEFF50 5 Bytes JMP 001A0B30
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetGlyphOutlineW 76FEFFEF 5 Bytes JMP 001A0CB0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!Escape 76FF0181 5 Bytes JMP 001A0270
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateScalableFontResourceW 76FFD8CD 5 Bytes JMP 001A0BB0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!AddFontResourceW 76FFDB8E 5 Bytes JMP 001A0BF0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!RemoveFontResourceW 76FFDE3B 5 Bytes JMP 001A0C30
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!AbortDoc 77002F0C 5 Bytes JMP 001A0030
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!EndDoc 7700325D 5 Bytes JMP 001A01F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StartPage 77003348 5 Bytes JMP 001A0730
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StartDocW 77003DBB 5 Bytes JMP 001A07F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!BeginPath 77004575 5 Bytes JMP 001A0830
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SelectClipPath 770045CC 5 Bytes JMP 001A0AF0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CloseFigure 77004627 5 Bytes JMP 001A0070
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!EndPath 7700467E 5 Bytes JMP 001A0A70
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StrokePath 770048B0 5 Bytes JMP 001A07B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!FillPath 7700493C 5 Bytes JMP 001A0870
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!PolylineTo 77004DA5 5 Bytes JMP 001A04F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!PolyBezierTo 77004E35 5 Bytes JMP 001A04B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!PolyDraw 77004EE6 5 Bytes JMP 001A08B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetTopWindow 77507BC1 7 Bytes JMP 001B0730
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00320A08
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00320600
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00320804
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!CountClipboardFormats 7750BEAE 5 Bytes JMP 001B01F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!RegisterClipboardFormatW 7750F811 5 Bytes JMP 001B02B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 003203FC
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 003201F8
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!ActivateKeyboardLayout 7751A98F 5 Bytes JMP 001B04F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!RegisterClipboardFormatA 7751AE53 5 Bytes JMP 001B02F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardFormatNameA 7751B156 5 Bytes JMP 001B0270
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClientRect 7751B326 7 Bytes JMP 001B05B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!MonitorFromWindow 7751B488 7 Bytes JMP 001B0630
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!ScreenToClient 7751C168 7 Bytes JMP 001B0670
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetParent 77522E21 7 Bytes JMP 001B06F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!IsWindowVisible 775233B9 7 Bytes JMP 001B06B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!MapWindowPoints 77523440 5 Bytes JMP 001B0570
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetCursor 7752379D 5 Bytes JMP 001B0530
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!PostMessageW 775238A5 5 Bytes JMP 001B05F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetCursorPos 77524E53 5 Bytes JMP 001B0770
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardViewer 77524EC8 5 Bytes JMP 001B0470
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardData 77525812 5 Bytes JMP 001B0030
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!EmptyClipboard 7752592E 5 Bytes JMP 001B0130
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!EnumClipboardFormats 77525940 5 Bytes JMP 001B01B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetClipboardViewer 77531C5F 5 Bytes JMP 001B04B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetOpenClipboardWindow 77531C7A 5 Bytes JMP 001B03F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!ChangeClipboardChain 7753BA32 5 Bytes JMP 001B0430
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!CloseClipboard 7753C9AD 5 Bytes JMP 001B00B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!OpenClipboard 7753C9BF 5 Bytes JMP 001B0070
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!IsClipboardFormatAvailable 7753CA40 5 Bytes JMP 001B00F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardSequenceNumber 7753CA54 5 Bytes JMP 001B0330
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardOwner 7753CA86 5 Bytes JMP 001B0370
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetClipboardData 7755111B 5 Bytes JMP 001B0170
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardFormatNameW 775546BF 5 Bytes JMP 001B0230
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetPriorityClipboardFormat 77565537 5 Bytes JMP 001B03B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 003403FC
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00340600
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00340A08
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00341014
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00340804
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00340C0C
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00340E10
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 003401F8
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ole32.dll!OleGetClipboard 7742BDDE 5 Bytes JMP 001C00B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ole32.dll!OleSetClipboard 77451060 5 Bytes JMP 001C0030
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ole32.dll!OleIsCurrentClipboard 7745B1A5 5 Bytes JMP 001C0070
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!FreeContextBuffer 75B2243F 5 Bytes JMP 001E00F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!DeleteSecurityContext 75B225C7 5 Bytes JMP 001E0270
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!FreeCredentialsHandle 75B22AD9 5 Bytes JMP 001E0130
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!QueryContextAttributesA 75B261FF 5 Bytes JMP 001E0070
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!InitializeSecurityContextA 75B26282 5 Bytes JMP 001E0170
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!AcquireCredentialsHandleA 75B263CE 5 Bytes JMP 001E0030
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!EncryptMessage 75B28A63 5 Bytes JMP 001E01F0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!DecryptMessage 75B28B31 5 Bytes JMP 001E0230
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!ApplyControlToken 75B2DE58 5 Bytes JMP 001E01B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!QueryCredentialsAttributesA 75B2DFD3 5 Bytes JMP 001E00B0
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00070A08
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00070600
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00070804
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000703FC
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000701F8
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000803FC
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00080600
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00080A08
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00081014
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00080804
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00080C0C
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00080E10
.text C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000801F8
.text C:\Windows\system32\taskeng.exe[3324] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Windows\system32\taskeng.exe[3324] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Windows\system32\taskeng.exe[3324] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000B03FC
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 000B0600
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 000B0A08
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 000B1014
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 000B0804
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 000B0C0C
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 000B0E10
.text C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000B01F8
.text C:\Windows\system32\taskeng.exe[3324] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 000C0A08
.text C:\Windows\system32\taskeng.exe[3324] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 000C0600
.text C:\Windows\system32\taskeng.exe[3324] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 000C0804
.text C:\Windows\system32\taskeng.exe[3324] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000C03FC
.text C:\Windows\system32\taskeng.exe[3324] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000C01F8
.text C:\Windows\ehome\ehmsas.exe[3380] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000401F8
.text C:\Windows\ehome\ehmsas.exe[3380] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000403FC
.text C:\Windows\ehome\ehmsas.exe[3380] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000603FC
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00060600
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00060A08
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00061014
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00060804
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00060C0C
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00060E10
.text C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000601F8
.text C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00070A08
.text C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00070600
.text C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00070804
.text C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000703FC
.text C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000701F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000501F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000703FC
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00070600
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00070A08
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00071014
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00070804
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00070C0C
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00070E10
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000701F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00080A08
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00080600
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00080804
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!PaintMonitor + 94 7750B20C 7 Bytes JMP 6784DF63 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!GetWindowInfo 7751006A 5 Bytes JMP 67694536 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000803FC
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000801F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!DefWindowProcW + 6B5 775223D5 7 Bytes JMP 6784DEF2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetMenuItemBitmaps + 3E 7752CF6B 7 Bytes JMP 67694B35 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001601F8
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001603FC
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001703FC
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00170600
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00170A08
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00171014
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00170804
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00170C0C
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00170E10
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001701F8
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00180A08
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00180600
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00180804
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001803FC
.text C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001801F8
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 67540C00 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000503FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!ActivateActCtx + 2C 76E87379 7 Bytes JMP 67777B29 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!VirtualQuery + 24 76E8D172 7 Bytes JMP 67543FAC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!VirtualAllocEx + 54 76EA9BC5 7 Bytes JMP 67777B4C C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00070A08
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00070600
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00070804
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000703FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000701F8
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] GDI32.dll!SetTextAlign + E6 76FD7EEF 7 Bytes JMP 67777AAA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000803FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00080600
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00080A08
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00081014
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00080804
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00080C0C
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00080E10
.text C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000801F8
.text C:\Windows\RtHDVCpl.exe[3740] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001501F8
.text C:\Windows\RtHDVCpl.exe[3740] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001503FC
.text C:\Windows\RtHDVCpl.exe[3740] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001703FC
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00170600
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00170A08
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00171014
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00170804
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00170C0C
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00170E10
.text C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001701F8
.text C:\Windows\RtHDVCpl.exe[3740] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00180A08
.text C:\Windows\RtHDVCpl.exe[3740] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00180600
.text C:\Windows\RtHDVCpl.exe[3740] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00180804
.text C:\Windows\RtHDVCpl.exe[3740] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 001803FC
.text C:\Windows\RtHDVCpl.exe[3740] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 001801F8
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001501F8
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001503FC
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00280A08
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00280600
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00280804
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 002803FC
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 002801F8
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 002903FC
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00290600
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00290A08
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00291014
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00290804
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00290C0C
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00290E10
.text C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 002901F8
.text C:\Windows\servicing\TrustedInstaller.exe[4056] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 001601F8
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 001603FC
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 001703FC
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 00170600
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 00170A08
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 00171014
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 00170804
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 00170C0C
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 00170E10
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 001701F8
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00280A08
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00280600
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00280804
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 002803FC
.text C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 002801F8
.text C:\Windows\system32\SearchFilterHost.exe[4124] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\wuauclt.exe[4144] ntdll.dll!LdrLoadDll 775CEB00 5 Bytes JMP 000601F8
.text C:\Windows\system32\wuauclt.exe[4144] ntdll.dll!LdrUnloadDll 775DBF0A 5 Bytes JMP 000603FC
.text C:\Windows\system32\wuauclt.exe[4144] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\wuauclt.exe[4144] USER32.dll!UnhookWindowsHookEx 77507CE7 5 Bytes JMP 00070A08
.text C:\Windows\system32\wuauclt.exe[4144] USER32.dll!SetWindowsHookExA 7750891A 5 Bytes JMP 00070600
.text C:\Windows\system32\wuauclt.exe[4144] USER32.dll!SetWindowsHookExW 7750913D 5 Bytes JMP 00070804
.text C:\Windows\system32\wuauclt.exe[4144] USER32.dll!UnhookWinEvent 77512C03 5 Bytes JMP 000703FC
.text C:\Windows\system32\wuauclt.exe[4144] USER32.dll!SetWinEventHook 77519BFD 5 Bytes JMP 000701F8
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!CreateServiceW 77768686 5 Bytes JMP 000D03FC
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!DeleteService 77768788 5 Bytes JMP 000D0600
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfigW 7776A26A 5 Bytes JMP 000D0A08
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!SetServiceObjectSecurity 777A3791 5 Bytes JMP 000D1014
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfigA 777A3891 5 Bytes JMP 000D0804
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfig2A 777A3A39 5 Bytes JMP 000D0C0C
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfig2W 777A3B81 5 Bytes JMP 000D0E10
.text C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!CreateServiceA 777A3C41 5 Bytes JMP 000D01F8
.text C:\Users\Possehl\Downloads\7fvpumgp.exe[4308] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\SearchProtocolHost.exe[5968] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[5996] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[6088] kernel32.dll!GetBinaryTypeW + 70 76E8714D 1 Byte [62]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\system32\services.exe[680] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 001B0002
IAT C:\Windows\system32\services.exe[680] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 001B0000
IAT C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1556] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [739DF6D0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7404FBC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7401B9AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7400A31F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [7400CBFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74008AB2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7401CF28] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74007D98] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74007CFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74006A64] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7409C1D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74027F56] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [740090CD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74012179] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [740121A4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74017F1C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74017D3E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [740483D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!MoveFileExW] 00010110
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetKeyState] 001B07D0
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\ole32.dll [USER32.dll!GetKeyState] 001B07D0
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] 00010110
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] 00010110
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetFocus] 001B0790
IAT C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetKeyState] 001B07D0
IAT C:\Program Files\Alwil Software\Avast5\AvastUI.exe[6088] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [739DF6D0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
---- EOF - GMER 1.0.15 ----
OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 00:23:21 on 26.09.2012 OS: Windows Vista Home Premium Edition (Build 6000), 32-bit Default Browser: Google Inc. Google Chrome 21.0.1180.89 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job" - "Google Inc." - C:\Users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job" - "Google Inc." - C:\Users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe "FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job" - "Facebook Inc." - C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe "FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job" - "Facebook Inc." - C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Nero BackItUp and BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero BackItUp & Burn\Nero BurnRights\NeroBurnRights_bb.cpl "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys "aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys "aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys "aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys "catchme" (catchme) - ? - C:\Users\Possehl\AppData\Local\Temp\catchme.sys (File not found) "Huawei DataCard USB Modem and USB Serial" (hwdatacard) - ? - C:\Windows\System32\DRIVERS\ewusbmdm.sys (File not found) "Huawei DataCard USB PNP Device" (hwusbdev) - ? - C:\Windows\System32\DRIVERS\ewusbdev.sys (File not found) "HUAWEI USB-NDIS miniport" (ewusbnet) - ? - C:\Windows\System32\DRIVERS\ewusbnet.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys "uftdyfoc" (uftdyfoc) - ? - C:\Users\Possehl\AppData\Local\Temp\uftdyfoc.sys (Hidden registry entry, rootkit activity | File not found) "ZTE Diagnostic Port" (ZTEusbser6k) - ? - C:\Windows\System32\DRIVERS\ZTEusbser6k.sys (File not found) "ZTE NMEA Port" (ZTEusbnmea) - ? - C:\Windows\System32\DRIVERS\ZTEusbnmea.sys (File not found) "ZTE Proprietary USB Driver" (ZTEusbmdm6k) - ? - C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys (File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\ashShell.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll "ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "avast! WebRep" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Known DLLs] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )----- "advapi32" - "Microsoft Corporation" - C:\Windows\system32\advapi32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "clbcatq" - "Microsoft Corporation" - C:\Windows\system32\clbcatq.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "COMDLG32" - "Microsoft Corporation" - C:\Windows\system32\COMDLG32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "gdi32" - "Microsoft Corporation" - C:\Windows\system32\gdi32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IERTUTIL" - "Microsoft Corporation" - C:\Windows\system32\IERTUTIL.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IMAGEHLP" - "Microsoft Corporation" - C:\Windows\system32\IMAGEHLP.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IMM32" - "Microsoft Corporation" - C:\Windows\system32\IMM32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "kernel32" - "Microsoft Corporation" - C:\Windows\system32\kernel32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "LPK" - "Microsoft Corporation" - C:\Windows\system32\LPK.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "MSCTF" - "Microsoft Corporation" - C:\Windows\system32\MSCTF.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "MSVCRT" - "Microsoft Corporation" - C:\Windows\system32\MSVCRT.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "NORMALIZ" - "Microsoft Corporation" - C:\Windows\system32\NORMALIZ.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "NSI" - "Microsoft Corporation" - C:\Windows\system32\NSI.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "ole32" - "Microsoft Corporation" - C:\Windows\system32\ole32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "OLEAUT32" - "Microsoft Corporation" - C:\Windows\system32\OLEAUT32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "rpcrt4" - "Microsoft Corporation" - C:\Windows\system32\rpcrt4.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "Setupapi" - "Microsoft Corporation" - C:\Windows\system32\Setupapi.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "SHELL32" - "Microsoft Corporation" - C:\Windows\system32\SHELL32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "SHLWAPI" - "Microsoft Corporation" - C:\Windows\system32\SHLWAPI.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "URLMON" - "Microsoft Corporation" - C:\Windows\system32\URLMON.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "user32" - "Microsoft Corporation" - C:\Windows\system32\user32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "USP10" - "Microsoft Corporation" - C:\Windows\system32\USP10.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WININET" - "Microsoft Corporation" - C:\Windows\system32\WININET.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WLDAP32" - "Microsoft Corporation" - C:\Windows\system32\WLDAP32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WS2_32" - "Microsoft Corporation" - C:\Windows\system32\WS2_32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Facebook Update" - "Facebook Inc." - "C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "NBAgent" - "Nero AG" - "C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PCL Language Monitor" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l692.dll "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll "@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe "Adobe Active File Monitor V7" (AdobeActiveFileMonitor7.0) - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "FSCLBaseUpdaterService" (FSCLBaseUpdaterService) - ? - C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe "Fujitsu Siemens Computers Diagnostic Testhandler" (TestHandler) - "Fujitsu Siemens Computers" - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll "HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe "Symantec Lic NetConnect service" (CLTNetCnService) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (File not found) "TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe "TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - "Fujitsu Siemens Computers" - c:\windows\system32\Fujits~1.scr [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] Bei dem Scan mit der aswMBR.exe bleibt das Programm bzw. der Scan immer wieder stecken und macht nach geraumer Zeit keine Anstalten weiter zu scannen. Es kommt jedoch keine Fehler Meldung. |
|
26.09.2012, 14:32
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast blockiert URL bei Google ChromeZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.09.2012, 21:25
| #27 |
| | Avast blockiert URL bei Google Chrome Klappte nun doch. Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-26 21:53:50
-----------------------------
21:53:50.077 OS Version: Windows 6.0.6000
21:53:50.077 Number of processors: 2 586 0x1706
21:53:50.077 ComputerName: POSSEHL-PC UserName: Possehl
21:53:51.591 Initialize success
21:53:55.023 AVAST engine defs: 12092600
21:53:56.068 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:53:56.068 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
21:53:56.130 Disk 0 MBR read successfully
21:53:56.130 Disk 0 MBR scan
21:53:56.130 Disk 0 Windows VISTA default MBR code
21:53:56.146 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12000 MB offset 2048
21:53:56.177 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151650 MB offset 24578048
21:53:56.193 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 74823 MB offset 335157248
21:53:56.208 Disk 0 scanning sectors +488394752
21:53:56.255 Disk 0 scanning C:\Windows\system32\drivers
21:54:02.589 Service scanning
21:54:16.753 Modules scanning
21:54:20.435 Disk 0 trace - called modules:
21:54:20.466 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
21:54:20.466 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c46ad8]
21:54:20.482 3 ntkrnlpa.exe[824b0d35] -> nt!IofCallDriver -> [0x84c1c708]
21:54:20.482 5 acpi.sys[8046932a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84c26030]
21:54:21.402 AVAST engine scan C:\Windows
21:54:24.569 AVAST engine scan C:\Windows\system32
21:56:29.434 AVAST engine scan C:\Windows\system32\drivers
21:56:39.434 AVAST engine scan C:\Users\Possehl
22:17:33.456 AVAST engine scan C:\ProgramData
22:23:08.653 Scan finished successfully
22:23:53.004 Disk 0 MBR has been saved successfully to "C:\Users\Possehl\Documents\MBR.dat"
22:23:53.019 The log file has been saved successfully to "C:\Users\Possehl\Documents\aswMBR komplett.txt"
|
|
27.09.2012, 15:45
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast blockiert URL bei Google Chrome Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.09.2012, 20:40
| #29 |
| | Avast blockiert URL bei Google Chrome Entschuldigung bezüglich der Verspätung. mbam logfile Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.30.03 Windows Vista x86 NTFS Internet Explorer 8.0.6001.18882 Possehl :: POSSEHL-PC [Administrator] Schutz: Aktiviert 30.09.2012 18:38:46 mbam-log-2012-09-30 (18-38-46).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 328557 Laufzeit: 1 Stunde(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/30/2012 at 09:37 PM
Application Version : 5.5.1022
Core Rules Database Version : 9316
Trace Rules Database Version: 7128
Scan type : Complete Scan
Total Scan Time : 01:45:05
Operating System Information
Windows Vista Home Premium 32-bit (Build 6.00.6000)
UAC On - Limited User (Administrator User)
Memory items scanned : 672
Memory threats detected : 0
Registry items scanned : 35087
Registry threats detected : 0
File items scanned : 125085
File threats detected : 536
Adware.Tracking Cookie
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad2.adfarm1.adition[1].txt [ /ad2.adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad2.adfarm1.adition[3].txt [ /ad2.adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad2.adfarm1.adition[4].txt [ /ad2.adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad3.adfarm1.adition[2].txt [ /ad3.adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adbrite[1].txt [ /adbrite ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adfarm1.adition[1].txt [ /adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adfarm1.adition[3].txt [ /adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adfarm1.adition[4].txt [ /adfarm1.adition ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adform[1].txt [ /adform ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adform[2].txt [ /adform ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adply.plymedia[1].txt [ /adply.plymedia ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ads.adk2[2].txt [ /ads.adk2 ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@advertising[2].txt [ /advertising ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@apmebf[1].txt [ /apmebf ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ar.atwola[1].txt [ /ar.atwola ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@at.atwola[2].txt [ /at.atwola ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[1].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[2].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[3].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[4].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[5].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[6].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[7].txt [ /atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atwola[2].txt [ /atwola ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[1].txt [ /bs.serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[2].txt [ /bs.serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[3].txt [ /bs.serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[5].txt [ /bs.serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[2].txt [ /c.atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[3].txt [ /c.atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[4].txt [ /c.atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[5].txt [ /c.atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[6].txt [ /c.atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[7].txt [ /c.atdmt ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@cdn.at.atwola[2].txt [ /cdn.at.atwola ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@content.yieldmanager[1].txt [ /content.yieldmanager ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[1].txt [ /doubleclick ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[3].txt [ /doubleclick ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[4].txt [ /doubleclick ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[5].txt [ /doubleclick ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@imrworldwide[2].txt [ /imrworldwide ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@imrworldwide[3].txt [ /imrworldwide ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@mediaplex[2].txt [ /mediaplex ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@questionmarket[1].txt [ /questionmarket ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@questionmarket[2].txt [ /questionmarket ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[1].txt [ /serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[2].txt [ /serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[3].txt [ /serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[4].txt [ /serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[5].txt [ /serving-sys ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@sevenoneintermedia.112.2o7[1].txt [ /sevenoneintermedia.112.2o7 ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@tacoda.at.atwola[2].txt [ /tacoda.at.atwola ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@tacoda[2].txt [ /tacoda ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@track.adform[2].txt [ /track.adform ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@track.adform[3].txt [ /track.adform ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@tradedoubler[2].txt [ /tradedoubler ]
C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@yadro[2].txt [ /yadro ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@myroitracking[1].txt [ Cookie:possehl@myroitracking.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tracking.mlsat02[2].txt [ Cookie:possehl@tracking.mlsat02.de/tmobile/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.dailyporntube[1].txt [ Cookie:possehl@www.dailyporntube.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@pornorama[1].txt [ Cookie:possehl@pornorama.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad3.adfarm1.adition[1].txt [ Cookie:possehl@ad3.adfarm1.adition.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@serving-sys[1].txt [ Cookie:possehl@serving-sys.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@gr.burstnet[1].txt [ Cookie:possehl@gr.burstnet.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adbrite[1].txt [ Cookie:possehl@adbrite.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.pornorama[2].txt [ Cookie:possehl@www.pornorama.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tacoda.at.atwola[1].txt [ Cookie:possehl@tacoda.at.atwola.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@imrworldwide[2].txt [ Cookie:possehl@imrworldwide.com/cgi-bin ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.pornhub[2].txt [ Cookie:possehl@www.pornhub.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fr.sitestat[1].txt [ Cookie:possehl@fr.sitestat.com/eurosport/yahoode/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@webmasterplan[1].txt [ Cookie:possehl@webmasterplan.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tracking.quisma[2].txt [ Cookie:possehl@tracking.quisma.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@clicksor[1].txt [ Cookie:possehl@clicksor.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@monoprix.solution.weborama[2].txt [ Cookie:possehl@monoprix.solution.weborama.fr/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@apmebf[2].txt [ Cookie:possehl@apmebf.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@revsci[2].txt [ Cookie:possehl@revsci.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad2.adfarm1.adition[2].txt [ Cookie:possehl@ad2.adfarm1.adition.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@invitemedia[1].txt [ Cookie:possehl@invitemedia.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.google[2].txt [ Cookie:possehl@www.google.com/accounts ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@euros4click[2].txt [ Cookie:possehl@euros4click.de/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@supremeadserver[1].txt [ Cookie:possehl@supremeadserver.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adserver.i3d[1].txt [ Cookie:possehl@adserver.i3d.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@burstnet[2].txt [ Cookie:possehl@burstnet.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@media6degrees[1].txt [ Cookie:possehl@media6degrees.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fr.sitestat[2].txt [ Cookie:possehl@fr.sitestat.com/eurosport/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@mediaplex[1].txt [ Cookie:possehl@mediaplex.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@doubleclick[1].txt [ Cookie:possehl@doubleclick.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fastclick[1].txt [ Cookie:possehl@fastclick.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adxpansion[1].txt [ Cookie:possehl@adxpansion.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@advertising[1].txt [ Cookie:possehl@advertising.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:possehl@microsoftinternetexplorer.112.2o7.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@collective-media[2].txt [ Cookie:possehl@collective-media.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad.adition[1].txt [ Cookie:possehl@ad.adition.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@at.atwola[2].txt [ Cookie:possehl@at.atwola.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@lucidmedia[1].txt [ Cookie:possehl@lucidmedia.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@zanox-affiliate[1].txt [ Cookie:possehl@zanox-affiliate.de/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fl01.ct2.comclick[1].txt [ Cookie:possehl@fl01.ct2.comclick.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@vidsfucker[1].txt [ Cookie:possehl@vidsfucker.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ar.atwola[1].txt [ Cookie:possehl@ar.atwola.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@traffictrack[2].txt [ Cookie:possehl@traffictrack.de/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad.yieldmanager[3].txt [ Cookie:possehl@ad.yieldmanager.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@smartadserver[2].txt [ Cookie:possehl@smartadserver.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@content.yieldmanager[2].txt [ Cookie:possehl@content.yieldmanager.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ero-advertising[1].txt [ Cookie:possehl@ero-advertising.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tracking1.aleadpay[1].txt [ Cookie:possehl@tracking1.aleadpay.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@mygaypornotube[2].txt [ Cookie:possehl@mygaypornotube.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adxpose[1].txt [ Cookie:possehl@adxpose.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@yadro[1].txt [ Cookie:possehl@yadro.ru/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@dailyporntube[1].txt [ Cookie:possehl@dailyporntube.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adviva[2].txt [ Cookie:possehl@adviva.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@statse.webtrendslive[2].txt [ Cookie:possehl@statse.webtrendslive.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@microsoftwindows.112.2o7[1].txt [ Cookie:possehl@microsoftwindows.112.2o7.net/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@zedo[2].txt [ Cookie:possehl@zedo.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@lightpornmovies[2].txt [ Cookie:possehl@lightpornmovies.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@trafficholder[1].txt [ Cookie:possehl@trafficholder.com/cgi-bin/traffic/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@bouyguestelecom.solution.weborama[2].txt [ Cookie:possehl@bouyguestelecom.solution.weborama.fr/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@xiti[1].txt [ Cookie:possehl@xiti.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@rts.pgmediaserve[1].txt [ Cookie:possehl@rts.pgmediaserve.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@vdwp.solution.weborama[2].txt [ Cookie:possehl@vdwp.solution.weborama.fr/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@questionmarket[2].txt [ Cookie:possehl@questionmarket.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@weborama[1].txt [ Cookie:possehl@weborama.fr/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@qporno[2].txt [ Cookie:possehl@qporno.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@pornhub[1].txt [ Cookie:possehl@pornhub.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ru4[1].txt [ Cookie:possehl@ru4.com/ ]
C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@statcounter[1].txt [ Cookie:possehl@statcounter.com/ ]
C:\USERS\POSSEHL\Cookies\possehl@c.atdmt[7].txt [ Cookie:possehl@c.atdmt.com/ ]
C:\USERS\POSSEHL\Cookies\possehl@atdmt[7].txt [ Cookie:possehl@atdmt.com/ ]
.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.harrenmedianetwork.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xm.xtendmedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adnetwork.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.de.clickcompare.info [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.de.clickcompare.info [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.de.clickcompare.info [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
secure-uk.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2TW8RMYX ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADTECH[2].TXT [ /ADTECH ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@PARTYPOKER[1].TXT [ /PARTYPOKER ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.CREATIVE-SERVING[1].TXT [ /ADS.CREATIVE-SERVING ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@UNITYMEDIA[2].TXT [ /UNITYMEDIA ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@FREEPORNMPG[1].TXT [ /FREEPORNMPG ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ZANOX[1].TXT [ /ZANOX ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADSERVER.ADREACTOR[2].TXT [ /ADSERVER.ADREACTOR ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@COUNTER.HITSLINK[1].TXT [ /COUNTER.HITSLINK ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.LEADBOLT[1].TXT [ /AD.LEADBOLT ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.LEADBOLT[2].TXT [ /AD.LEADBOLT ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.FLING[2].TXT [ /ADS.FLING ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@NEDSTAT.HOSTELBOOKERS[1].TXT [ /NEDSTAT.HOSTELBOOKERS ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@NEDSTAT.HOSTELBOOKERS[2].TXT [ /NEDSTAT.HOSTELBOOKERS ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.ADK2[1].TXT [ /ADS.ADK2 ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@2O7[2].TXT [ /2O7 ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.LIVETV[1].TXT [ /ADS.LIVETV ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.ADC-SERV[2].TXT [ /AD.ADC-SERV ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@WWW.ACTIVE-TRACKING[1].TXT [ /WWW.ACTIVE-TRACKING ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.ZANOX[2].TXT [ /AD.ZANOX ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@TUBESEXCLIPS[1].TXT [ /TUBESEXCLIPS ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.QUARTERMEDIA[1].TXT [ /ADS.QUARTERMEDIA ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@MM.CHITIKA[2].TXT [ /MM.CHITIKA ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@TRAVELADVERTISING[2].TXT [ /TRAVELADVERTISING ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADULTFRIENDFINDER[2].TXT [ /ADULTFRIENDFINDER ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@INTERCLICK[1].TXT [ /INTERCLICK ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@EAS.APM.EMEDIATE[2].TXT [ /EAS.APM.EMEDIATE ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.ZEUSCLICKS[1].TXT [ /ADS.ZEUSCLICKS ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADVERTSTREAM[2].TXT [ /ADVERTSTREAM ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@IM.BANNER.T-ONLINE[1].TXT [ /IM.BANNER.T-ONLINE ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.CLICMANAGER[2].TXT [ /ADS.CLICMANAGER ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADX.CHIP[2].TXT [ /ADX.CHIP ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ANRTX.TACODA[1].TXT [ /ANRTX.TACODA ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.360YIELD[2].TXT [ /AD.360YIELD ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@BANNERS.FACEBOOKOFSEX[1].TXT [ /BANNERS.FACEBOOKOFSEX ]
C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@REVSCI[1].TXT [ /REVSCI ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
toi-rvp-ticker-01.odmedia.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
toi-rvp-ticker-01.odmedia.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ads2.medianord.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
adsrv1.admediate.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adnetwork.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
timesofindia.indiatimes.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
timesofindia.indiatimes.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
timesofindia.indiatimes.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradetracker.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.skydeutschland.122.2o7.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
eas5.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
eas5.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
|
|
01.10.2012, 13:04
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast blockiert URL bei Google ChromeCode:
ATTFilter UAC On - Limited User
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Avast blockiert URL bei Google Chrome |
| ahnung, appdata, blockiert, bösartige, bösartige website, chrome, fahren, frühen, google, google chrome, hijack.startpage, hoffe, keine ahnung, local, melde, meldet, meldung, pup.codec.pr, pup.vshareredir, scanner, users, viren, viren scanner, website |
Linear-Darstellung
