| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: VerschlüsselungstrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.06.2012, 19:33
| #1 |
 |  Verschlüsselungstrojaner Hallo, habe heute eine E-Mail geöffnet die an mich adressiert war mit meinem vollständigen Namen in der Anrede. Der Absender war smilinchefjohnny@rogers.com. Der Text lautete: "Hallo ***, Sicher ist es Ihnen entgangen, dass die Zahlungsfrist der nachfolgenden Rechnung abgelaufen ist. Auf unsere Erinnerungen haben Sie ebenso nicht reagiert. Artikel: Leica Mega HF Artikelnummer: 9112261777835 Stück: 1 Summe: 754,40 Euro Aufgrund zusätzlicher Kosten anlässlich des Ausgleichs von Gebührenforderungen erheben wir Mahngebühren und Einschreibegebühren in der Höhe von 10.- Euro inkl. MwSt. Wir bitten Sie, den ausstehenden Rechnungsbetrag in den nächsten 7 Tagen zu überweisen. Ansonsten sehen wir uns leider gezwungen, ein Betreibungsverfahren in die Wege zu leiten und ein Inkasso Unternehmen für die weiteren Massnahmen zu beauftragen. Sollte sich dieses Schreiben mit der Bezahlung des ausstehenden Betrags gekreuzt haben, so betrachten Sie dieses Schreiben bitte als gegenstandslos. Anlagen: - Rechnung - Lieferschein Mit besten Grüßen FOTO THUN GMBH" im Anhang war eine ZIP Datei, nach dem Öffnen kam zuerst eine Fehlermeldung, dass es keine Worddatei wäre und kurz darauf war ein schwarzer Bildschirm mit einem Text 'Willkommen bei Windows Update ... sie haben sich mit einem Windows-Verschlüsselungstrojaner infiziert. Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert [...] Man soll einen Paysafecard Code für 100 Eur erwerben. Der Task-Manager funktioniert nicht. Im Abgesicherten Modus kommt man dann wieder an seinen normalen Desktop und kann arbeiten. Es gibt eine neue Datei mit dem Titel ACHTUNG LESEN.txt mit folgendem Inhalt: "Sehr geehrte Damen und Herren, anscheinend wurde das Update Programm vollständig unterbrochen. Jetzt kann das Virus nur manuell beseitigt werden. Dies brauchen Sie um Ihre Dateien benutzen zu können. Falls Sie also die gesperrten Daten brauchen, senden Sie uns bitte 200 Euro Ukash Code an die Email: software-update@inbox.lt, so bald dieser Code geprüft wurde, erhalten Sie ein Update Programm. Falls Sie Ihre Daten nicht brauchen raten wir Ihnen dringend Ihren Computer zu formatieren um den Virus vollständig zu entfernen. Ukash können Sie an einer beliebigen Tankstelle erwerben und auch in mehreren Internetcafes in Ihrer Nähe. mfG Ihr Security Team" alle alten Dateien sind umbenannt worden (z. B. in dDpesVtOJrAGrQgvLye) und nicht mehr lesbar. Die Ordner haben ihren alten Namen behalten. Die Programme funktionieren und neu erstellte Dateien scheinen nicht umbenannt zu werden. Avira Antivir hat keine Viren und Trojaner gefunden. Über Hilfe meinen PC zu retten und ggf die wenigen Daten die ich die letzten 7 Tage neu generiert habe würde ich mich sehr freuen!! Ein herzliches Dankeschön im Vorraus! |
|
14.06.2012, 14:30
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Verschlüsselungstrojaner Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
__________________Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Hinweise bzgl. der verschlüsselten Dateien: Wann genau deine Daten entschlüsselt werden können wird dir niemand genau sagen können außer vllt einer  es kann sein, dass du eine neuere Variante hast, deren Verschlüsselungsalgorithmus noch unbekannt ist. Sowas kann man (noch) nicht entschlüsseln und ohne Schlüssel schon garnicht - ist ja auch logisch, sonst wär es ja keine vernünftige Verschlüsselung Einfach hier nochmal reinsehen in regelmäßigen Abständen, obige Hinweise beachten. 8 Tools mitsamt hunderten Diskussionsbeiträgen stehen da schon Eine Notlösung für Vista und Win7-User => http://www.trojaner-board.de/115496-...erstellen.html Entschlüsselungsversuche der verschlüsselten Dateien sind nur auf zusätzliche Kopien der verschlüsselten Dateien anzuwenden, sonst zerhackt man sich die noch weiter ohne die "original" verschlüsselte Datei mehr zu haben. Das willst du sicher nicht! Man darf sich aber keine falschen Hoffnungen machen. Mittlerweile sieht es finster aus => Delphi-PRAXiS - Einzelnen Beitrag anzeigen - Verschlüsselungs-Trojaner, Hilfe benötigt Und in Zukunft willst du sicher mal an ein besseres Backupkonzept denken. Hier ein Denkanstoß => http://www.trojaner-board.de/115678-...r-backups.html
__________________ |
|
15.06.2012, 22:06
| #3 |
| |  Verschlüsselungstrojaner Lieber Arne, danke dass du dir Zeit für mein Problem nimmst!
__________________Habe nochmals einen Scan mit Malwarebytes durchlaufen lassen: hier das Logfile: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.12.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Judith :: JUDITH-PC [Administrator] Schutz: Aktiviert 15.06.2012 19:26:55 mbam-log-2012-06-15 (19-26-55).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 334069 Laufzeit: 1 Stunde(n), 13 Minute(n), 4 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) hier das logfile dazu: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=defebaaf99174d4287e83ab0ec8774a2
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-15 08:54:29
# local_time=2012-06-15 10:54:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 16864780 16864780 0 0
# compatibility_mode=5893 16776573 100 94 4190 91416614 0 0
# compatibility_mode=8192 67108863 100 0 208 208 0 0
# scanned=138341
# found=3
# cleaned=0
# scan_time=6906
C:\Users\Judith\AppData\Local\Temp\Beilagen-1.zip Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Judith\AppData\Local\Temp\Beilagen.zip Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Judith\Szsrxdtff\eaepsycjj.exe Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I
|
|
15.06.2012, 23:27
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
16.06.2012, 14:15
| #5 |
| | Verschlüsselungstrojaner Lieber Arne, habe den PC nochmal neu gestartet. Ich konnte im normalen Modus starten Zuerst kam ein Pop-Up von Malwarebytes mit folgendem Text: Malewarebytes Anti-Malware hate den Ausführungsversuch eines bösartigen Prozesses festgestellt und dessen Ausführung unterbunden. Bitte wählen sie eine der folgenden Optionen aus. C:\USERS\JUDITH\SZSRXDTFF\EAEPSYCCJJ.EXE TROJAN.AGENT.SZ ich habe Quarantäne ausgewählt kurz darauf kam ein ein Pop-UP mit folgendem Text: mbampt.exe-Anwendungsfehler Die Andwendung konnte nicht korrekt gestartet werden (0xc0000005). Klicken sie auf "OK", um die Anwendung zu schließen. habe dann nochmal einen QuickScan mit Malwarebytes durchgeführt: hier die Logdatei Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.15.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Judith :: JUDITH-PC [Administrator] Schutz: Aktiviert 16.06.2012 13:52:55 mbam-log-2012-06-16 (15-12-15).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 206818 Laufzeit: 6 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Judith\Szsrxdtff\eaepsycjj.exe (Trojan.Agent.SZ) -> Keine Aktion durchgeführt. (Ende) liebe Grüße |
|
17.06.2012, 21:01
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ --> Verschlüsselungstrojaner |
|
18.06.2012, 12:24
| #7 |
| | Verschlüsselungstrojaner Lieber Arne, hier die OTL: Code:
ATTFilter OTL logfile created on: 18.06.2012 12:48:28 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Judith\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,73 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 53,36% Memory free
3,46 Gb Paging File | 2,28 Gb Available in Paging File | 65,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,99 Gb Total Space | 194,44 Gb Free Space | 68,47% Space Free | Partition Type: NTFS
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.18 12:45:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Downloads\OTL(1).exe
PRC - [2012.05.09 17:43:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 17:42:58 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 17:42:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.13 15:15:26 | 002,641,920 | ---- | M] (pdfforge hxxp://www.pdfforge.org/) -- C:\Program Files (x86)\PDFCreator\PDFCreator.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.03.14 13:44:37 | 000,414,800 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.03.14 13:44:36 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.03.14 13:44:35 | 000,352,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.03.14 13:44:34 | 001,081,424 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.01.31 22:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.10.05 23:46:10 | 000,704,104 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010.09.28 04:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010.09.18 01:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.09.18 01:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
========== Modules (No Company Name) ==========
MOD - [2007.11.28 19:59:42 | 003,702,784 | ---- | M] () -- C:\Program Files (x86)\PDFCreator\GS8.61\gs8.61\Bin\gsdll32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.01.11 07:49:46 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.17 01:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV - [2012.05.09 17:43:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 17:42:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 19:05:03 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.27 15:55:19 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.03.14 13:44:35 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.03.01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.01.31 22:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.01.28 08:44:08 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) [Auto | Running] -- C:\Program Files (x86)\ShadowExplorer\sesvc.exe -- (sesvc)
SRV - [2010.09.28 03:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 23:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.09 17:43:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.09 17:43:04 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.19 17:56:15 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.04.15 10:28:13 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.04.15 10:28:13 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.04.15 10:28:13 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.03.17 09:10:48 | 001,584,256 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.01 16:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.01.25 05:48:03 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.13 13:46:18 | 001,412,144 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.01.11 08:23:38 | 008,122,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.11 07:13:52 | 000,290,816 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.01 10:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.11.28 21:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.17 01:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.27 15:55:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.27 16:58:38 | 000,000,000 | ---D | M]
[2011.12.13 23:01:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions
[2012.05.02 18:12:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\2fbozq77.default\extensions
[2012.04.28 11:07:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.27 15:55:18 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.12 11:13:20 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.12 11:13:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.12 11:13:20 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.12 11:13:19 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.12 11:13:19 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.12 11:13:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1829406969-1796033248-114794001-1001..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{308F94D1-A347-441F-8242-2B2929DD94F0}: DhcpNameServer = 82.144.41.8 82.145.9.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{494E9012-B9A2-499D-BE46-AA9226ACB9C4}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.06.17 13:34:51 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\100612 - Kopie
[2012.06.17 13:30:35 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\verschluesselte Dateien
[2012.06.16 22:57:14 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\100612
[2012.06.15 22:16:48 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\shadow
[2012.06.15 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\www.shadowexplorer.com
[2012.06.15 22:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
[2012.06.15 22:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ShadowExplorer
[2012.06.15 20:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.06.13 17:06:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\für tb
[2012.06.12 20:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012.06.12 20:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012.06.12 20:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012.06.12 12:39:29 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.06.12 12:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.12 12:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.12 12:39:12 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.12 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.12 10:33:15 | 000,000,000 | ---D | C] -- C:\Users\Judith\Szsrxdtff
[2012.05.26 20:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
========== Files - Modified Within 30 Days ==========
[2012.06.18 12:53:45 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.18 12:52:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.18 12:44:16 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.18 12:44:16 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.18 12:44:16 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.18 12:44:16 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.18 12:44:16 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.18 12:41:59 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.18 12:41:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 19:22:25 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 19:22:25 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 19:14:16 | 1392,693,248 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 13:30:59 | 000,303,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.15 22:14:55 | 000,001,889 | ---- | M] () -- C:\Users\Judith\Desktop\ShadowExplorer.lnk
[2012.06.12 20:30:39 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012.06.12 19:41:10 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2012.06.12 12:39:15 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.12 11:17:28 | 000,002,705 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012.05.26 20:44:00 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.05.26 20:44:00 | 000,002,098 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
========== Files Created - No Company Name ==========
[2012.06.15 22:14:55 | 000,001,889 | ---- | C] () -- C:\Users\Judith\Desktop\ShadowExplorer.lnk
[2012.06.12 20:30:39 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012.06.12 19:41:10 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable
[2012.06.12 12:39:15 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.12 11:17:28 | 000,002,705 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012.02.16 22:53:43 | 000,006,656 | ---- | C] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.25 00:09:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.15 09:46:50 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.04.15 09:46:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.15 09:25:13 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== LOP Check ==========
[2011.11.19 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Windows Live Writer
[2012.06.15 22:15:15 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\www.shadowexplorer.com
[2012.02.09 13:59:22 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.01.05 14:17:45 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Adobe
[2011.12.03 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Avira
[2010.11.21 04:51:08 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Identities
[2011.04.15 10:33:18 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Macromedia
[2012.06.12 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.06.15 22:31:15 | 000,000,000 | --SD | M] -- C:\Users\Judith\AppData\Roaming\Microsoft
[2011.12.13 23:01:49 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Mozilla
[2011.11.19 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Windows Live Writer
[2012.06.15 22:15:15 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\www.shadowexplorer.com
< %APPDATA%\*.exe /s >
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< >
< End of report >
Judith |
|
18.06.2012, 14:16
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.06.2012, 22:44
| #9 |
| | VerschlüsselungstrojanerCode:
ATTFilter 23:38:34.0314 4864 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
23:38:34.0728 4864 ============================================================
23:38:34.0728 4864 Current date / time: 2012/06/18 23:38:34.0728
23:38:34.0728 4864 SystemInfo:
23:38:34.0728 4864
23:38:34.0728 4864 OS Version: 6.1.7601 ServicePack: 1.0
23:38:34.0728 4864 Product type: Workstation
23:38:34.0729 4864 ComputerName: JUDITH-PC
23:38:34.0729 4864 UserName: Judith
23:38:34.0729 4864 Windows directory: C:\Windows
23:38:34.0729 4864 System windows directory: C:\Windows
23:38:34.0729 4864 Running under WOW64
23:38:34.0729 4864 Processor architecture: Intel x64
23:38:34.0729 4864 Number of processors: 2
23:38:34.0729 4864 Page size: 0x1000
23:38:34.0729 4864 Boot type: Normal boot
23:38:34.0729 4864 ============================================================
23:38:37.0329 4864 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:38:37.0352 4864 ============================================================
23:38:37.0352 4864 \Device\Harddisk0\DR0:
23:38:37.0353 4864 MBR partitions:
23:38:37.0353 4864 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
23:38:37.0353 4864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
23:38:37.0353 4864 ============================================================
23:38:37.0381 4864 C: <-> \Device\Harddisk0\DR0\Partition1
23:38:37.0391 4864 ============================================================
23:38:37.0392 4864 Initialize success
23:38:37.0392 4864 ============================================================
23:39:22.0966 3868 ============================================================
23:39:22.0966 3868 Scan started
23:39:22.0966 3868 Mode: Manual; SigCheck; TDLFS;
23:39:22.0966 3868 ============================================================
23:39:23.0977 3868 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
23:39:24.0452 3868 1394ohci - ok
23:39:24.0513 3868 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
23:39:24.0572 3868 ACPI - ok
23:39:24.0608 3868 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
23:39:24.0715 3868 AcpiPmi - ok
23:39:24.0819 3868 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:39:24.0905 3868 AdobeARMservice - ok
23:39:25.0048 3868 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:39:25.0093 3868 AdobeFlashPlayerUpdateSvc - ok
23:39:25.0165 3868 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
23:39:25.0231 3868 adp94xx - ok
23:39:25.0303 3868 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
23:39:25.0403 3868 adpahci - ok
23:39:25.0435 3868 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
23:39:25.0475 3868 adpu320 - ok
23:39:25.0513 3868 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:39:25.0773 3868 AeLookupSvc - ok
23:39:25.0862 3868 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
23:39:25.0970 3868 AFD - ok
23:39:26.0020 3868 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:39:26.0064 3868 agp440 - ok
23:39:26.0090 3868 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:39:26.0188 3868 ALG - ok
23:39:26.0212 3868 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:39:26.0245 3868 aliide - ok
23:39:26.0297 3868 AMD External Events Utility (0497e13936e43065c85be3c9cdc0258b) C:\Windows\system32\atiesrxx.exe
23:39:26.0426 3868 AMD External Events Utility - ok
23:39:26.0440 3868 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:39:26.0474 3868 amdide - ok
23:39:26.0499 3868 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
23:39:26.0579 3868 AmdK8 - ok
23:39:27.0212 3868 amdkmdag (679999d8808c1784dcb9bd59c19ae32f) C:\Windows\system32\DRIVERS\atikmdag.sys
23:39:27.0638 3868 amdkmdag - ok
23:39:27.0797 3868 amdkmdap (a4769eaf3936da861b9b1c9e5bd2fc52) C:\Windows\system32\DRIVERS\atikmpag.sys
23:39:27.0892 3868 amdkmdap - ok
23:39:27.0935 3868 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:39:28.0011 3868 AmdPPM - ok
23:39:28.0055 3868 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
23:39:28.0093 3868 amdsata - ok
23:39:28.0126 3868 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
23:39:28.0174 3868 amdsbs - ok
23:39:28.0195 3868 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
23:39:28.0229 3868 amdxata - ok
23:39:28.0328 3868 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:39:28.0379 3868 AntiVirSchedulerService - ok
23:39:28.0414 3868 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:39:28.0453 3868 AntiVirService - ok
23:39:28.0477 3868 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
23:39:28.0698 3868 AppID - ok
23:39:28.0729 3868 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:39:28.0849 3868 AppIDSvc - ok
23:39:28.0886 3868 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
23:39:29.0012 3868 Appinfo - ok
23:39:29.0033 3868 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
23:39:29.0069 3868 arc - ok
23:39:29.0090 3868 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
23:39:29.0127 3868 arcsas - ok
23:39:29.0143 3868 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:39:29.0267 3868 AsyncMac - ok
23:39:29.0286 3868 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:39:29.0319 3868 atapi - ok
23:39:29.0382 3868 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
23:39:29.0524 3868 AtiHDAudioService - ok
23:39:29.0633 3868 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:39:29.0801 3868 AudioEndpointBuilder - ok
23:39:29.0821 3868 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:39:29.0940 3868 AudioSrv - ok
23:39:29.0985 3868 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
23:39:30.0018 3868 avgntflt - ok
23:39:30.0049 3868 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
23:39:30.0096 3868 avipbb - ok
23:39:30.0113 3868 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
23:39:30.0144 3868 avkmgr - ok
23:39:30.0188 3868 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
23:39:30.0341 3868 AxInstSV - ok
23:39:30.0417 3868 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
23:39:30.0525 3868 b06bdrv - ok
23:39:30.0590 3868 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:39:30.0682 3868 b57nd60a - ok
23:39:30.0802 3868 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
23:39:30.0867 3868 BBSvc - ok
23:39:31.0290 3868 BCM43XX (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
23:39:31.0589 3868 BCM43XX - ok
23:39:31.0740 3868 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:39:31.0832 3868 BDESVC - ok
23:39:31.0879 3868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:39:32.0025 3868 Beep - ok
23:39:32.0113 3868 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
23:39:32.0267 3868 BFE - ok
23:39:32.0354 3868 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
23:39:32.0588 3868 BITS - ok
23:39:32.0660 3868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
23:39:32.0714 3868 blbdrive - ok
23:39:32.0757 3868 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
23:39:32.0842 3868 bowser - ok
23:39:32.0872 3868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
23:39:32.0940 3868 BrFiltLo - ok
23:39:32.0954 3868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
23:39:33.0001 3868 BrFiltUp - ok
23:39:33.0037 3868 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
23:39:33.0181 3868 Browser - ok
23:39:33.0238 3868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
23:39:33.0325 3868 Brserid - ok
23:39:33.0342 3868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:39:33.0396 3868 BrSerWdm - ok
23:39:33.0407 3868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:39:33.0457 3868 BrUsbMdm - ok
23:39:33.0468 3868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
23:39:33.0513 3868 BrUsbSer - ok
23:39:33.0546 3868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
23:39:33.0621 3868 BTHMODEM - ok
23:39:33.0697 3868 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:39:33.0817 3868 bthserv - ok
23:39:33.0849 3868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:39:33.0998 3868 cdfs - ok
23:39:34.0038 3868 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
23:39:34.0088 3868 cdrom - ok
23:39:34.0120 3868 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:39:34.0287 3868 CertPropSvc - ok
23:39:34.0304 3868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
23:39:34.0371 3868 circlass - ok
23:39:34.0415 3868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:39:34.0478 3868 CLFS - ok
23:39:34.0574 3868 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:39:34.0615 3868 clr_optimization_v2.0.50727_32 - ok
23:39:34.0655 3868 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:39:34.0688 3868 clr_optimization_v2.0.50727_64 - ok
23:39:34.0781 3868 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:39:34.0826 3868 clr_optimization_v4.0.30319_32 - ok
23:39:34.0867 3868 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:39:34.0909 3868 clr_optimization_v4.0.30319_64 - ok
23:39:34.0952 3868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
23:39:34.0999 3868 CmBatt - ok
23:39:35.0023 3868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:39:35.0058 3868 cmdide - ok
23:39:35.0133 3868 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
23:39:35.0245 3868 CNG - ok
23:39:35.0422 3868 CnxtHdAudService (64ee11cbf385ca6f170fbe93b329b4e0) C:\Windows\system32\drivers\CHDRT64.sys
23:39:35.0554 3868 CnxtHdAudService - ok
23:39:35.0705 3868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
23:39:35.0748 3868 Compbatt - ok
23:39:35.0771 3868 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
23:39:35.0831 3868 CompositeBus - ok
23:39:35.0845 3868 COMSysApp - ok
23:39:35.0871 3868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
23:39:35.0905 3868 crcdisk - ok
23:39:35.0979 3868 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
23:39:36.0059 3868 CryptSvc - ok
23:39:36.0118 3868 CxAudMsg (9d0d050170d47e778b624a28c90f23de) C:\Windows\system32\CxAudMsg64.exe
23:39:36.0167 3868 CxAudMsg - ok
23:39:36.0233 3868 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:39:36.0419 3868 DcomLaunch - ok
23:39:36.0478 3868 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:39:36.0645 3868 defragsvc - ok
23:39:36.0672 3868 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
23:39:36.0793 3868 DfsC - ok
23:39:36.0859 3868 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
23:39:36.0999 3868 Dhcp - ok
23:39:37.0018 3868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:39:37.0135 3868 discache - ok
23:39:37.0172 3868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
23:39:37.0211 3868 Disk - ok
23:39:37.0260 3868 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
23:39:37.0337 3868 Dnscache - ok
23:39:37.0394 3868 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
23:39:37.0531 3868 dot3svc - ok
23:39:37.0580 3868 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
23:39:37.0709 3868 DPS - ok
23:39:37.0746 3868 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:39:37.0805 3868 drmkaud - ok
23:39:37.0939 3868 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
23:39:38.0004 3868 DsiWMIService - ok
23:39:38.0107 3868 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
23:39:38.0207 3868 DXGKrnl - ok
23:39:38.0303 3868 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:39:38.0442 3868 EapHost - ok
23:39:38.0727 3868 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
23:39:38.0917 3868 ebdrv - ok
23:39:39.0047 3868 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
23:39:39.0133 3868 EFS - ok
23:39:39.0220 3868 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
23:39:39.0273 3868 EgisTec Ticket Service - ok
23:39:39.0392 3868 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
23:39:39.0513 3868 ehRecvr - ok
23:39:39.0538 3868 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:39:39.0592 3868 ehSched - ok
23:39:39.0709 3868 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
23:39:39.0782 3868 elxstor - ok
23:39:39.0921 3868 ePowerSvc (753fad8fd476116fa93799b0db77702b) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
23:39:40.0010 3868 ePowerSvc - ok
23:39:40.0098 3868 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:39:40.0157 3868 ErrDev - ok
23:39:40.0228 3868 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:39:40.0387 3868 EventSystem - ok
23:39:40.0422 3868 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:39:40.0553 3868 exfat - ok
23:39:40.0633 3868 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:39:40.0801 3868 fastfat - ok
23:39:40.0903 3868 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
23:39:41.0008 3868 Fax - ok
23:39:41.0021 3868 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
23:39:41.0069 3868 fdc - ok
23:39:41.0089 3868 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:39:41.0223 3868 fdPHost - ok
23:39:41.0246 3868 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:39:41.0359 3868 FDResPub - ok
23:39:41.0408 3868 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:39:41.0446 3868 FileInfo - ok
23:39:41.0467 3868 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:39:41.0593 3868 Filetrace - ok
23:39:41.0604 3868 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
23:39:41.0640 3868 flpydisk - ok
23:39:41.0687 3868 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
23:39:41.0746 3868 FltMgr - ok
23:39:41.0877 3868 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
23:39:42.0001 3868 FontCache - ok
23:39:42.0099 3868 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:39:42.0133 3868 FontCache3.0.0.0 - ok
23:39:42.0191 3868 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:39:42.0228 3868 FsDepends - ok
23:39:42.0278 3868 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
23:39:42.0314 3868 Fs_Rec - ok
23:39:42.0367 3868 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:39:42.0432 3868 fvevol - ok
23:39:42.0459 3868 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
23:39:42.0495 3868 gagp30kx - ok
23:39:42.0580 3868 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
23:39:42.0728 3868 gpsvc - ok
23:39:42.0804 3868 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
23:39:42.0840 3868 GREGService - ok
23:39:42.0909 3868 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:39:42.0948 3868 gupdate - ok
23:39:42.0972 3868 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:39:43.0007 3868 gupdatem - ok
23:39:43.0034 3868 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:39:43.0108 3868 hcw85cir - ok
23:39:43.0154 3868 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:39:43.0244 3868 HdAudAddService - ok
23:39:43.0765 3868 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:39:43.0876 3868 HDAudBus - ok
23:39:43.0888 3868 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
23:39:43.0934 3868 HidBatt - ok
23:39:43.0953 3868 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
23:39:44.0032 3868 HidBth - ok
23:39:44.0046 3868 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
23:39:44.0090 3868 HidIr - ok
23:39:44.0114 3868 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:39:44.0234 3868 hidserv - ok
23:39:44.0262 3868 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:39:44.0303 3868 HidUsb - ok
23:39:44.0338 3868 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
23:39:44.0467 3868 hkmsvc - ok
23:39:44.0509 3868 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
23:39:44.0597 3868 HomeGroupListener - ok
23:39:44.0657 3868 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
23:39:44.0732 3868 HomeGroupProvider - ok
23:39:44.0762 3868 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:39:44.0802 3868 HpSAMD - ok
23:39:44.0880 3868 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:39:45.0037 3868 HTTP - ok
23:39:45.0072 3868 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:39:45.0105 3868 hwpolicy - ok
23:39:45.0156 3868 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:39:45.0194 3868 i8042prt - ok
23:39:45.0264 3868 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:39:45.0355 3868 iaStorV - ok
23:39:45.0479 3868 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:39:45.0562 3868 idsvc - ok
23:39:45.0591 3868 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
23:39:45.0627 3868 iirsp - ok
23:39:45.0723 3868 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
23:39:45.0886 3868 IKEEXT - ok
23:39:45.0903 3868 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:39:45.0936 3868 intelide - ok
23:39:45.0966 3868 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
23:39:46.0009 3868 intelppm - ok
23:39:46.0032 3868 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:39:46.0167 3868 IPBusEnum - ok
23:39:46.0186 3868 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:39:46.0288 3868 IpFilterDriver - ok
23:39:46.0351 3868 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
23:39:46.0500 3868 iphlpsvc - ok
23:39:46.0518 3868 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:39:46.0557 3868 IPMIDRV - ok
23:39:46.0587 3868 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:39:46.0699 3868 IPNAT - ok
23:39:46.0733 3868 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:39:46.0783 3868 IRENUM - ok
23:39:46.0795 3868 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:39:46.0827 3868 isapnp - ok
23:39:46.0871 3868 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:39:46.0927 3868 iScsiPrt - ok
23:39:46.0954 3868 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:39:46.0990 3868 kbdclass - ok
23:39:47.0004 3868 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
23:39:47.0055 3868 kbdhid - ok
23:39:47.0095 3868 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:39:47.0128 3868 KeyIso - ok
23:39:47.0152 3868 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
23:39:47.0189 3868 KSecDD - ok
23:39:47.0239 3868 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
23:39:47.0290 3868 KSecPkg - ok
23:39:47.0320 3868 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:39:47.0442 3868 ksthunk - ok
23:39:47.0516 3868 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:39:47.0652 3868 KtmRm - ok
23:39:47.0689 3868 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
23:39:47.0719 3868 L1C - ok
23:39:47.0771 3868 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
23:39:47.0908 3868 LanmanServer - ok
23:39:47.0947 3868 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
23:39:48.0084 3868 LanmanWorkstation - ok
23:39:48.0182 3868 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
23:39:48.0235 3868 Live Updater Service - ok
23:39:48.0278 3868 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:39:48.0403 3868 lltdio - ok
23:39:48.0466 3868 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:39:48.0596 3868 lltdsvc - ok
23:39:48.0617 3868 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:39:48.0747 3868 lmhosts - ok
23:39:48.0812 3868 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
23:39:48.0870 3868 LSI_FC - ok
23:39:48.0891 3868 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
23:39:48.0941 3868 LSI_SAS - ok
23:39:48.0956 3868 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
23:39:48.0993 3868 LSI_SAS2 - ok
23:39:49.0017 3868 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
23:39:49.0055 3868 LSI_SCSI - ok
23:39:49.0110 3868 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:39:49.0251 3868 luafv - ok
23:39:49.0327 3868 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
23:39:49.0370 3868 MBAMProtector - ok
23:39:49.0501 3868 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:39:49.0578 3868 MBAMService - ok
23:39:49.0691 3868 McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
23:39:49.0747 3868 McComponentHostService - ok
23:39:49.0783 3868 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
23:39:49.0836 3868 Mcx2Svc - ok
23:39:49.0861 3868 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
23:39:49.0896 3868 megasas - ok
23:39:49.0954 3868 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
23:39:50.0008 3868 MegaSR - ok
23:39:50.0039 3868 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:39:50.0154 3868 MMCSS - ok
23:39:50.0171 3868 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:39:50.0284 3868 Modem - ok
23:39:50.0305 3868 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:39:50.0355 3868 monitor - ok
23:39:50.0379 3868 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:39:50.0414 3868 mouclass - ok
23:39:50.0442 3868 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:39:50.0488 3868 mouhid - ok
23:39:50.0514 3868 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:39:50.0551 3868 mountmgr - ok
23:39:50.0621 3868 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:39:50.0671 3868 MozillaMaintenance - ok
23:39:50.0698 3868 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:39:50.0747 3868 mpio - ok
23:39:50.0782 3868 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:39:50.0886 3868 mpsdrv - ok
23:39:50.0984 3868 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
23:39:51.0189 3868 MpsSvc - ok
23:39:51.0222 3868 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:39:51.0288 3868 MRxDAV - ok
23:39:51.0328 3868 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:39:51.0439 3868 mrxsmb - ok
23:39:51.0482 3868 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:39:51.0546 3868 mrxsmb10 - ok
23:39:51.0588 3868 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:39:51.0642 3868 mrxsmb20 - ok
23:39:51.0684 3868 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:39:51.0716 3868 msahci - ok
23:39:51.0746 3868 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:39:51.0796 3868 msdsm - ok
23:39:51.0838 3868 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:39:51.0889 3868 MSDTC - ok
23:39:51.0929 3868 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:39:52.0034 3868 Msfs - ok
23:39:52.0053 3868 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:39:52.0164 3868 mshidkmdf - ok
23:39:52.0188 3868 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:39:52.0222 3868 msisadrv - ok
23:39:52.0265 3868 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:39:52.0387 3868 MSiSCSI - ok
23:39:52.0396 3868 msiserver - ok
23:39:52.0419 3868 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:39:52.0535 3868 MSKSSRV - ok
23:39:52.0549 3868 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:39:52.0661 3868 MSPCLOCK - ok
23:39:52.0671 3868 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:39:52.0778 3868 MSPQM - ok
23:39:52.0829 3868 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:39:52.0891 3868 MsRPC - ok
23:39:52.0916 3868 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:39:52.0950 3868 mssmbios - ok
23:39:52.0960 3868 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:39:53.0069 3868 MSTEE - ok
23:39:53.0080 3868 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:39:53.0115 3868 MTConfig - ok
23:39:53.0142 3868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:39:53.0177 3868 Mup - ok
23:39:53.0220 3868 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:39:53.0248 3868 mwlPSDFilter - ok
23:39:53.0274 3868 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:39:53.0303 3868 mwlPSDNServ - ok
23:39:53.0328 3868 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:39:53.0358 3868 mwlPSDVDisk - ok
23:39:53.0427 3868 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:39:53.0564 3868 napagent - ok
23:39:53.0614 3868 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:39:53.0697 3868 NativeWifiP - ok
23:39:53.0802 3868 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:39:53.0904 3868 NDIS - ok
23:39:53.0926 3868 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:39:54.0034 3868 NdisCap - ok
23:39:54.0065 3868 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:39:54.0168 3868 NdisTapi - ok
23:39:54.0205 3868 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:39:54.0320 3868 Ndisuio - ok
23:39:54.0351 3868 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:39:54.0479 3868 NdisWan - ok
23:39:54.0505 3868 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:39:54.0608 3868 NDProxy - ok
23:39:54.0626 3868 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:39:54.0742 3868 NetBIOS - ok
23:39:54.0783 3868 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:39:54.0902 3868 NetBT - ok
23:39:54.0943 3868 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:39:54.0994 3868 Netlogon - ok
23:39:55.0064 3868 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:39:55.0208 3868 Netman - ok
23:39:55.0272 3868 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:39:55.0419 3868 netprofm - ok
23:39:55.0512 3868 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:39:55.0556 3868 NetTcpPortSharing - ok
23:39:55.0610 3868 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:39:55.0645 3868 nfrd960 - ok
23:39:55.0715 3868 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:39:55.0850 3868 NlaSvc - ok
23:39:55.0878 3868 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:39:55.0982 3868 Npfs - ok
23:39:56.0003 3868 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:39:56.0116 3868 nsi - ok
23:39:56.0139 3868 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:39:56.0243 3868 nsiproxy - ok
23:39:56.0413 3868 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:39:56.0564 3868 Ntfs - ok
23:39:56.0705 3868 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:39:56.0819 3868 Null - ok
23:39:56.0858 3868 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:39:56.0906 3868 nvraid - ok
23:39:56.0938 3868 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:39:56.0986 3868 nvstor - ok
23:39:57.0018 3868 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:39:57.0067 3868 nv_agp - ok
23:39:57.0190 3868 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:39:57.0271 3868 odserv - ok
23:39:57.0292 3868 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:39:57.0373 3868 ohci1394 - ok
23:39:57.0421 3868 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:39:57.0474 3868 ose - ok
23:39:57.0535 3868 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:39:57.0627 3868 p2pimsvc - ok
23:39:57.0677 3868 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:39:57.0736 3868 p2psvc - ok
23:39:57.0758 3868 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:39:57.0798 3868 Parport - ok
23:39:57.0845 3868 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:39:57.0881 3868 partmgr - ok
23:39:57.0910 3868 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:39:57.0993 3868 PcaSvc - ok
23:39:58.0023 3868 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:39:58.0072 3868 pci - ok
23:39:58.0093 3868 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:39:58.0127 3868 pciide - ok
23:39:58.0165 3868 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:39:58.0215 3868 pcmcia - ok
23:39:58.0254 3868 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:39:58.0292 3868 pcw - ok
23:39:58.0361 3868 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:39:58.0519 3868 PEAUTH - ok
23:39:58.0613 3868 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:39:58.0669 3868 PerfHost - ok
23:39:58.0828 3868 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:39:59.0013 3868 pla - ok
23:39:59.0092 3868 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:39:59.0173 3868 PlugPlay - ok
23:39:59.0198 3868 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:39:59.0244 3868 PNRPAutoReg - ok
23:39:59.0294 3868 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:39:59.0341 3868 PNRPsvc - ok
23:39:59.0420 3868 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:39:59.0568 3868 PolicyAgent - ok
23:39:59.0607 3868 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:39:59.0762 3868 Power - ok
23:39:59.0829 3868 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:39:59.0947 3868 PptpMiniport - ok
23:39:59.0976 3868 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:40:00.0022 3868 Processor - ok
23:40:00.0073 3868 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:40:00.0182 3868 ProfSvc - ok
23:40:00.0220 3868 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:40:00.0258 3868 ProtectedStorage - ok
23:40:00.0294 3868 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:40:00.0424 3868 Psched - ok
23:40:00.0558 3868 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:40:00.0688 3868 ql2300 - ok
23:40:00.0831 3868 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:40:00.0875 3868 ql40xx - ok
23:40:00.0920 3868 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:40:00.0995 3868 QWAVE - ok
23:40:01.0016 3868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:40:01.0077 3868 QWAVEdrv - ok
23:40:01.0088 3868 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:40:01.0201 3868 RasAcd - ok
23:40:01.0257 3868 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:40:01.0364 3868 RasAgileVpn - ok
23:40:01.0419 3868 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:40:01.0555 3868 RasAuto - ok
23:40:01.0590 3868 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:40:01.0720 3868 Rasl2tp - ok
23:40:01.0781 3868 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:40:01.0914 3868 RasMan - ok
23:40:01.0939 3868 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:40:02.0060 3868 RasPppoe - ok
23:40:02.0119 3868 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:40:02.0242 3868 RasSstp - ok
23:40:02.0289 3868 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:40:02.0426 3868 rdbss - ok
23:40:02.0446 3868 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:40:02.0491 3868 rdpbus - ok
23:40:02.0508 3868 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:40:02.0614 3868 RDPCDD - ok
23:40:02.0638 3868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:40:02.0755 3868 RDPENCDD - ok
23:40:02.0778 3868 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:40:02.0882 3868 RDPREFMP - ok
23:40:02.0923 3868 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:40:02.0993 3868 RDPWD - ok
23:40:03.0031 3868 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:40:03.0073 3868 rdyboost - ok
23:40:03.0133 3868 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:40:03.0263 3868 RemoteAccess - ok
23:40:03.0310 3868 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:40:03.0437 3868 RemoteRegistry - ok
23:40:03.0465 3868 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:40:03.0592 3868 RpcEptMapper - ok
23:40:03.0609 3868 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:40:03.0661 3868 RpcLocator - ok
23:40:03.0716 3868 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:40:03.0835 3868 RpcSs - ok
23:40:03.0891 3868 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:40:03.0998 3868 rspndr - ok
23:40:04.0066 3868 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\System32\Drivers\RtsUStor.sys
23:40:04.0112 3868 RSUSBSTOR - ok
23:40:04.0200 3868 RS_Service (7cb9f0fdd730f4a4ecf6cde15ea12e8a) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
23:40:04.0258 3868 RS_Service - ok
23:40:04.0299 3868 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:40:04.0336 3868 SamSs - ok
23:40:04.0366 3868 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:40:04.0405 3868 sbp2port - ok
23:40:04.0455 3868 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:40:04.0584 3868 SCardSvr - ok
23:40:04.0612 3868 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:40:04.0724 3868 scfilter - ok
23:40:04.0853 3868 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:40:05.0025 3868 Schedule - ok
23:40:05.0066 3868 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:40:05.0169 3868 SCPolicySvc - ok
23:40:05.0207 3868 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:40:05.0281 3868 SDRSVC - ok
23:40:05.0394 3868 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:40:05.0461 3868 SeaPort - ok
23:40:05.0524 3868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:40:05.0660 3868 secdrv - ok
23:40:05.0706 3868 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:40:05.0812 3868 seclogon - ok
23:40:05.0847 3868 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:40:05.0987 3868 SENS - ok
23:40:06.0012 3868 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:40:06.0104 3868 SensrSvc - ok
23:40:06.0147 3868 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:40:06.0200 3868 Serenum - ok
23:40:06.0232 3868 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:40:06.0309 3868 Serial - ok
23:40:06.0347 3868 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:40:06.0425 3868 sermouse - ok
23:40:06.0489 3868 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:40:06.0688 3868 SessionEnv - ok
23:40:06.0760 3868 sesvc (4c99e251d89c95dcaaa26f9243747c99) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
23:40:06.0784 3868 sesvc ( UnsignedFile.Multi.Generic ) - warning
23:40:06.0784 3868 sesvc - detected UnsignedFile.Multi.Generic (1)
23:40:06.0799 3868 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:40:06.0857 3868 sffdisk - ok
23:40:06.0890 3868 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:40:06.0966 3868 sffp_mmc - ok
23:40:06.0979 3868 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:40:07.0043 3868 sffp_sd - ok
23:40:07.0056 3868 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:40:07.0120 3868 sfloppy - ok
23:40:07.0217 3868 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:40:07.0383 3868 SharedAccess - ok
23:40:07.0445 3868 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:40:07.0607 3868 ShellHWDetection - ok
23:40:07.0631 3868 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:40:07.0666 3868 SiSRaid2 - ok
23:40:07.0695 3868 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:40:07.0732 3868 SiSRaid4 - ok
23:40:07.0764 3868 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:40:07.0905 3868 Smb - ok
23:40:07.0956 3868 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:40:07.0999 3868 SNMPTRAP - ok
23:40:08.0023 3868 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:40:08.0056 3868 spldr - ok
23:40:08.0132 3868 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:40:08.0287 3868 Spooler - ok
23:40:08.0689 3868 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:40:09.0009 3868 sppsvc - ok
23:40:09.0134 3868 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:40:09.0252 3868 sppuinotify - ok
23:40:09.0335 3868 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:40:09.0454 3868 srv - ok
23:40:09.0513 3868 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:40:09.0578 3868 srv2 - ok
23:40:09.0609 3868 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:40:09.0686 3868 srvnet - ok
23:40:09.0751 3868 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:40:10.0044 3868 SSDPSRV - ok
23:40:10.0137 3868 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:40:10.0515 3868 SstpSvc - ok
23:40:10.0555 3868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:40:10.0590 3868 stexstor - ok
23:40:10.0680 3868 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:40:10.0777 3868 stisvc - ok
23:40:10.0801 3868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:40:10.0834 3868 swenum - ok
23:40:10.0892 3868 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:40:11.0045 3868 swprv - ok
23:40:11.0211 3868 SynTP (02364d8be46a51361b0905736c3f7438) C:\Windows\system32\DRIVERS\SynTP.sys
23:40:11.0327 3868 SynTP - ok
23:40:11.0594 3868 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:40:11.0797 3868 SysMain - ok
23:40:11.0908 3868 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:40:11.0969 3868 TabletInputService - ok
23:40:12.0020 3868 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:40:12.0187 3868 TapiSrv - ok
23:40:12.0220 3868 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:40:12.0354 3868 TBS - ok
23:40:12.0565 3868 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:40:12.0705 3868 Tcpip - ok
23:40:13.0036 3868 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:40:13.0159 3868 TCPIP6 - ok
23:40:13.0286 3868 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:40:13.0416 3868 tcpipreg - ok
23:40:13.0463 3868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:40:13.0517 3868 TDPIPE - ok
23:40:13.0559 3868 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:40:13.0596 3868 TDTCP - ok
23:40:13.0639 3868 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:40:13.0777 3868 tdx - ok
23:40:13.0823 3868 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:40:13.0870 3868 TermDD - ok
23:40:13.0955 3868 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:40:14.0111 3868 TermService - ok
23:40:14.0136 3868 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:40:14.0192 3868 Themes - ok
23:40:14.0223 3868 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:40:14.0332 3868 THREADORDER - ok
23:40:14.0359 3868 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:40:14.0486 3868 TrkWks - ok
23:40:14.0561 3868 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:40:14.0698 3868 TrustedInstaller - ok
23:40:14.0728 3868 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:40:14.0842 3868 tssecsrv - ok
23:40:14.0876 3868 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:40:14.0932 3868 TsUsbFlt - ok
23:40:14.0954 3868 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:40:14.0988 3868 TsUsbGD - ok
23:40:15.0020 3868 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:40:15.0152 3868 tunnel - ok
23:40:15.0169 3868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:40:15.0204 3868 uagp35 - ok
23:40:15.0246 3868 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:40:15.0375 3868 udfs - ok
23:40:15.0424 3868 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:40:15.0467 3868 UI0Detect - ok
23:40:15.0485 3868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:40:15.0526 3868 uliagpkx - ok
23:40:15.0567 3868 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:40:15.0618 3868 umbus - ok
23:40:15.0629 3868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:40:15.0677 3868 UmPass - ok
23:40:15.0733 3868 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:40:15.0884 3868 upnphost - ok
23:40:15.0930 3868 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:40:15.0991 3868 usbccgp - ok
23:40:16.0035 3868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:40:16.0096 3868 usbcir - ok
23:40:16.0146 3868 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:40:16.0219 3868 usbehci - ok
23:40:16.0259 3868 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
23:40:16.0289 3868 usbfilter - ok
23:40:16.0372 3868 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:40:16.0447 3868 usbhub - ok
23:40:16.0486 3868 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
23:40:16.0538 3868 usbohci - ok
23:40:16.0577 3868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:40:16.0628 3868 usbprint - ok
23:40:16.0668 3868 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:40:16.0713 3868 usbscan - ok
23:40:16.0751 3868 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:40:16.0825 3868 USBSTOR - ok
23:40:16.0862 3868 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:40:16.0904 3868 usbuhci - ok
23:40:16.0946 3868 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
23:40:17.0002 3868 usbvideo - ok
23:40:17.0042 3868 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:40:17.0162 3868 UxSms - ok
23:40:17.0205 3868 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:40:17.0254 3868 VaultSvc - ok
23:40:17.0313 3868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:40:17.0355 3868 vdrvroot - ok
23:40:17.0416 3868 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:40:17.0560 3868 vds - ok
23:40:17.0587 3868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:40:17.0630 3868 vga - ok
23:40:17.0655 3868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:40:17.0769 3868 VgaSave - ok
23:40:17.0804 3868 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:40:17.0858 3868 vhdmp - ok
23:40:17.0878 3868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:40:17.0912 3868 viaide - ok
23:40:17.0931 3868 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:40:17.0966 3868 volmgr - ok
23:40:18.0017 3868 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:40:18.0081 3868 volmgrx - ok
23:40:18.0116 3868 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:40:18.0164 3868 volsnap - ok
23:40:18.0203 3868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:40:18.0250 3868 vsmraid - ok
23:40:18.0404 3868 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:40:18.0610 3868 VSS - ok
23:40:18.0764 3868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:40:18.0831 3868 vwifibus - ok
23:40:18.0877 3868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:40:18.0955 3868 vwififlt - ok
23:40:19.0019 3868 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:40:19.0158 3868 W32Time - ok
23:40:19.0190 3868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:40:19.0262 3868 WacomPen - ok
23:40:19.0391 3868 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:40:19.0517 3868 WANARP - ok
23:40:19.0525 3868 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:40:19.0626 3868 Wanarpv6 - ok
23:40:20.0369 3868 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:40:20.0512 3868 wbengine - ok
23:40:20.0643 3868 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:40:20.0726 3868 WbioSrvc - ok
23:40:20.0780 3868 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:40:20.0887 3868 wcncsvc - ok
23:40:20.0911 3868 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:40:20.0979 3868 WcsPlugInService - ok
23:40:21.0030 3868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:40:21.0072 3868 Wd - ok
23:40:21.0150 3868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:40:21.0243 3868 Wdf01000 - ok
23:40:21.0467 3868 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:40:21.0619 3868 WdiServiceHost - ok
23:40:21.0629 3868 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:40:21.0689 3868 WdiSystemHost - ok
23:40:21.0760 3868 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:40:21.0850 3868 WebClient - ok
23:40:21.0942 3868 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:40:22.0092 3868 Wecsvc - ok
23:40:22.0133 3868 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:40:22.0282 3868 wercplsupport - ok
23:40:22.0325 3868 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:40:22.0452 3868 WerSvc - ok
23:40:22.0518 3868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:40:22.0629 3868 WfpLwf - ok
23:40:22.0654 3868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:40:22.0688 3868 WIMMount - ok
23:40:22.0734 3868 WinDefend - ok
23:40:22.0754 3868 WinHttpAutoProxySvc - ok
23:40:22.0823 3868 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:40:22.0974 3868 Winmgmt - ok
23:40:23.0163 3868 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:40:23.0455 3868 WinRM - ok
23:40:23.0838 3868 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:40:23.0999 3868 Wlansvc - ok
23:40:24.0110 3868 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:40:24.0160 3868 wlcrasvc - ok
23:40:24.0373 3868 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:40:24.0540 3868 wlidsvc - ok
23:40:24.0652 3868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:40:24.0705 3868 WmiAcpi - ok
23:40:24.0767 3868 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:40:24.0842 3868 wmiApSrv - ok
23:40:24.0914 3868 WMPNetworkSvc - ok
23:40:24.0963 3868 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:40:25.0018 3868 WPCSvc - ok
23:40:25.0041 3868 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:40:25.0117 3868 WPDBusEnum - ok
23:40:25.0145 3868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:40:25.0257 3868 ws2ifsl - ok
23:40:25.0351 3868 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
23:40:25.0450 3868 wscsvc - ok
23:40:25.0460 3868 WSearch - ok
23:40:25.0716 3868 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
23:40:26.0098 3868 wuauserv - ok
23:40:26.0283 3868 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:40:26.0415 3868 WudfPf - ok
23:40:26.0466 3868 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:40:26.0581 3868 WUDFRd - ok
23:40:26.0611 3868 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:40:26.0734 3868 wudfsvc - ok
23:40:26.0773 3868 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:40:26.0846 3868 WwanSvc - ok
23:40:26.0896 3868 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:40:27.0468 3868 \Device\Harddisk0\DR0 - ok
23:40:27.0478 3868 Boot (0x1200) (4c55c7c8406f8445488da0c279a80d68) \Device\Harddisk0\DR0\Partition0
23:40:27.0483 3868 \Device\Harddisk0\DR0\Partition0 - ok
23:40:27.0543 3868 Boot (0x1200) (27fbe250173647bfccf03c6e08bb58f0) \Device\Harddisk0\DR0\Partition1
23:40:27.0548 3868 \Device\Harddisk0\DR0\Partition1 - ok
23:40:27.0550 3868 ============================================================
23:40:27.0550 3868 Scan finished
23:40:27.0550 3868 ============================================================
23:40:27.0591 3216 Detected object count: 1
23:40:27.0591 3216 Actual detected object count: 1
23:41:07.0081 3216 sesvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:41:07.0081 3216 sesvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:41:21.0762 2448 ============================================================
23:41:21.0762 2448 Scan started
23:41:21.0762 2448 Mode: Manual; SigCheck; TDLFS;
23:41:21.0762 2448 ============================================================
23:41:22.0285 2448 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
23:41:22.0362 2448 1394ohci - ok
23:41:22.0414 2448 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
23:41:22.0460 2448 ACPI - ok
23:41:22.0473 2448 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
23:41:22.0516 2448 AcpiPmi - ok
23:41:22.0599 2448 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:41:22.0638 2448 AdobeARMservice - ok
23:41:22.0761 2448 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:41:22.0808 2448 AdobeFlashPlayerUpdateSvc - ok
23:41:22.0883 2448 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
23:41:22.0947 2448 adp94xx - ok
23:41:23.0002 2448 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
23:41:23.0049 2448 adpahci - ok
23:41:23.0081 2448 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
23:41:23.0120 2448 adpu320 - ok
23:41:23.0161 2448 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:41:23.0268 2448 AeLookupSvc - ok
23:41:23.0355 2448 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
23:41:23.0402 2448 AFD - ok
23:41:23.0421 2448 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:41:23.0454 2448 agp440 - ok
23:41:23.0485 2448 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:41:23.0522 2448 ALG - ok
23:41:23.0535 2448 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:41:23.0567 2448 aliide - ok
23:41:23.0605 2448 AMD External Events Utility (0497e13936e43065c85be3c9cdc0258b) C:\Windows\system32\atiesrxx.exe
23:41:23.0653 2448 AMD External Events Utility - ok
23:41:23.0665 2448 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:41:23.0696 2448 amdide - ok
23:41:23.0714 2448 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
23:41:23.0750 2448 AmdK8 - ok
23:41:24.0373 2448 amdkmdag (679999d8808c1784dcb9bd59c19ae32f) C:\Windows\system32\DRIVERS\atikmdag.sys
23:41:24.0658 2448 amdkmdag - ok
23:41:24.0951 2448 amdkmdap (a4769eaf3936da861b9b1c9e5bd2fc52) C:\Windows\system32\DRIVERS\atikmpag.sys
23:41:25.0004 2448 amdkmdap - ok
23:41:25.0033 2448 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:41:25.0069 2448 AmdPPM - ok
23:41:25.0152 2448 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
23:41:25.0197 2448 amdsata - ok
23:41:25.0234 2448 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
23:41:25.0273 2448 amdsbs - ok
23:41:25.0301 2448 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
23:41:25.0334 2448 amdxata - ok
23:41:25.0414 2448 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:41:25.0448 2448 AntiVirSchedulerService - ok
23:41:25.0478 2448 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:41:25.0508 2448 AntiVirService - ok
23:41:25.0527 2448 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
23:41:25.0626 2448 AppID - ok
23:41:25.0661 2448 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:41:25.0763 2448 AppIDSvc - ok
23:41:25.0785 2448 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
23:41:25.0885 2448 Appinfo - ok
23:41:25.0905 2448 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
23:41:25.0940 2448 arc - ok
23:41:25.0960 2448 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
23:41:25.0996 2448 arcsas - ok
23:41:26.0008 2448 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:41:26.0114 2448 AsyncMac - ok
23:41:26.0141 2448 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:41:26.0174 2448 atapi - ok
23:41:26.0212 2448 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
23:41:26.0270 2448 AtiHDAudioService - ok
23:41:26.0342 2448 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:41:26.0479 2448 AudioEndpointBuilder - ok
23:41:26.0498 2448 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:41:26.0616 2448 AudioSrv - ok
23:41:26.0643 2448 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
23:41:26.0675 2448 avgntflt - ok
23:41:26.0707 2448 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
23:41:26.0741 2448 avipbb - ok
23:41:26.0759 2448 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
23:41:26.0789 2448 avkmgr - ok
23:41:26.0812 2448 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
23:41:26.0864 2448 AxInstSV - ok
23:41:26.0918 2448 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
23:41:26.0990 2448 b06bdrv - ok
23:41:27.0034 2448 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:41:27.0079 2448 b57nd60a - ok
23:41:27.0172 2448 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
23:41:27.0224 2448 BBSvc - ok
23:41:27.0623 2448 BCM43XX (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
23:41:27.0933 2448 BCM43XX - ok
23:41:28.0067 2448 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:41:28.0121 2448 BDESVC - ok
23:41:28.0153 2448 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:41:28.0264 2448 Beep - ok
23:41:28.0348 2448 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
23:41:28.0491 2448 BFE - ok
23:41:28.0584 2448 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
23:41:28.0740 2448 BITS - ok
23:41:28.0767 2448 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
23:41:28.0805 2448 blbdrive - ok
23:41:28.0842 2448 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
23:41:28.0887 2448 bowser - ok
23:41:28.0902 2448 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
23:41:28.0946 2448 BrFiltLo - ok
23:41:28.0956 2448 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
23:41:29.0001 2448 BrFiltUp - ok
23:41:29.0028 2448 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
23:41:29.0131 2448 Browser - ok
23:41:29.0169 2448 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
23:41:29.0226 2448 Brserid - ok
23:41:29.0239 2448 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:41:29.0284 2448 BrSerWdm - ok
23:41:29.0295 2448 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:41:29.0339 2448 BrUsbMdm - ok
23:41:29.0353 2448 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
23:41:29.0386 2448 BrUsbSer - ok
23:41:29.0406 2448 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
23:41:29.0451 2448 BTHMODEM - ok
23:41:29.0484 2448 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:41:29.0591 2448 bthserv - ok
23:41:29.0624 2448 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:41:29.0729 2448 cdfs - ok
23:41:29.0756 2448 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
23:41:29.0796 2448 cdrom - ok
23:41:29.0821 2448 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:41:29.0924 2448 CertPropSvc - ok
23:41:29.0940 2448 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
23:41:29.0985 2448 circlass - ok
23:41:30.0027 2448 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:41:30.0090 2448 CLFS - ok
23:41:30.0176 2448 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:41:30.0216 2448 clr_optimization_v2.0.50727_32 - ok
23:41:30.0268 2448 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:41:30.0308 2448 clr_optimization_v2.0.50727_64 - ok
23:41:30.0372 2448 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:41:30.0413 2448 clr_optimization_v4.0.30319_32 - ok
23:41:30.0460 2448 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:41:30.0495 2448 clr_optimization_v4.0.30319_64 - ok
23:41:30.0522 2448 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
23:41:30.0558 2448 CmBatt - ok
23:41:30.0582 2448 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:41:30.0616 2448 cmdide - ok
23:41:30.0691 2448 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
23:41:30.0775 2448 CNG - ok
23:41:30.0935 2448 CnxtHdAudService (64ee11cbf385ca6f170fbe93b329b4e0) C:\Windows\system32\drivers\CHDRT64.sys
23:41:31.0058 2448 CnxtHdAudService - ok
23:41:31.0174 2448 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
23:41:31.0219 2448 Compbatt - ok
23:41:31.0241 2448 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
23:41:31.0285 2448 CompositeBus - ok
23:41:31.0296 2448 COMSysApp - ok
23:41:31.0320 2448 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
23:41:31.0356 2448 crcdisk - ok
23:41:31.0417 2448 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
23:41:31.0456 2448 CryptSvc - ok
23:41:31.0500 2448 CxAudMsg (9d0d050170d47e778b624a28c90f23de) C:\Windows\system32\CxAudMsg64.exe
23:41:31.0549 2448 CxAudMsg - ok
23:41:31.0629 2448 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:41:31.0749 2448 DcomLaunch - ok
23:41:31.0804 2448 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:41:31.0924 2448 defragsvc - ok
23:41:31.0957 2448 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
23:41:32.0061 2448 DfsC - ok
23:41:32.0099 2448 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
23:41:32.0217 2448 Dhcp - ok
23:41:32.0237 2448 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:41:32.0344 2448 discache - ok
23:41:32.0368 2448 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
23:41:32.0404 2448 Disk - ok
23:41:32.0456 2448 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
23:41:32.0504 2448 Dnscache - ok
23:41:32.0545 2448 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
23:41:32.0665 2448 dot3svc - ok
23:41:32.0700 2448 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
23:41:32.0813 2448 DPS - ok
23:41:32.0833 2448 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:41:32.0875 2448 drmkaud - ok
23:41:32.0983 2448 DsiWMIService (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
23:41:33.0054 2448 DsiWMIService - ok
23:41:33.0152 2448 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
23:41:33.0247 2448 DXGKrnl - ok
23:41:33.0279 2448 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:41:33.0390 2448 EapHost - ok
23:41:33.0678 2448 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
23:41:33.0882 2448 ebdrv - ok
23:41:34.0002 2448 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
23:41:34.0044 2448 EFS - ok
23:41:34.0128 2448 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
23:41:34.0187 2448 EgisTec Ticket Service - ok
23:41:34.0304 2448 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
23:41:34.0389 2448 ehRecvr - ok
23:41:34.0427 2448 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:41:34.0484 2448 ehSched - ok
23:41:34.0567 2448 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
23:41:34.0638 2448 elxstor - ok
23:41:34.0751 2448 ePowerSvc (753fad8fd476116fa93799b0db77702b) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
23:41:34.0830 2448 ePowerSvc - ok
23:41:34.0921 2448 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:41:34.0958 2448 ErrDev - ok
23:41:35.0031 2448 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:41:35.0161 2448 EventSystem - ok
23:41:35.0202 2448 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:41:35.0323 2448 exfat - ok
23:41:35.0367 2448 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:41:35.0481 2448 fastfat - ok
23:41:35.0555 2448 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
23:41:35.0627 2448 Fax - ok
23:41:35.0641 2448 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
23:41:35.0678 2448 fdc - ok
23:41:35.0702 2448 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:41:35.0807 2448 fdPHost - ok
23:41:35.0827 2448 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:41:35.0935 2448 FDResPub - ok
23:41:35.0956 2448 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:41:35.0992 2448 FileInfo - ok
23:41:36.0014 2448 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:41:36.0119 2448 Filetrace - ok
23:41:36.0133 2448 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
23:41:36.0168 2448 flpydisk - ok
23:41:36.0214 2448 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
23:41:36.0279 2448 FltMgr - ok
23:41:36.0391 2448 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
23:41:36.0491 2448 FontCache - ok
23:41:36.0569 2448 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:41:36.0606 2448 FontCache3.0.0.0 - ok
23:41:36.0651 2448 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:41:36.0694 2448 FsDepends - ok
23:41:36.0738 2448 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
23:41:36.0779 2448 Fs_Rec - ok
23:41:36.0820 2448 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:41:36.0880 2448 fvevol - ok
23:41:36.0908 2448 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
23:41:36.0943 2448 gagp30kx - ok
23:41:37.0028 2448 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
23:41:37.0167 2448 gpsvc - ok
23:41:37.0231 2448 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
23:41:37.0262 2448 GREGService - ok
23:41:37.0315 2448 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:41:37.0357 2448 gupdate - ok
23:41:37.0367 2448 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:41:37.0396 2448 gupdatem - ok
23:41:37.0416 2448 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:41:37.0451 2448 hcw85cir - ok
23:41:37.0492 2448 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:41:37.0559 2448 HdAudAddService - ok
23:41:37.0586 2448 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:41:37.0644 2448 HDAudBus - ok
23:41:37.0659 2448 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
23:41:37.0695 2448 HidBatt - ok
23:41:37.0716 2448 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
23:41:37.0761 2448 HidBth - ok
23:41:37.0777 2448 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
23:41:37.0821 2448 HidIr - ok
23:41:37.0837 2448 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:41:37.0944 2448 hidserv - ok
23:41:37.0959 2448 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:41:37.0995 2448 HidUsb - ok
23:41:38.0018 2448 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
23:41:38.0133 2448 hkmsvc - ok
23:41:38.0166 2448 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
23:41:38.0237 2448 HomeGroupListener - ok
23:41:38.0281 2448 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
23:41:38.0336 2448 HomeGroupProvider - ok
23:41:38.0356 2448 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:41:38.0392 2448 HpSAMD - ok
23:41:38.0472 2448 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:41:38.0612 2448 HTTP - ok
23:41:38.0631 2448 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:41:38.0664 2448 hwpolicy - ok
23:41:38.0702 2448 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:41:38.0740 2448 i8042prt - ok
23:41:38.0811 2448 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:41:38.0874 2448 iaStorV - ok
23:41:39.0003 2448 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:41:39.0086 2448 idsvc - ok
23:41:39.0116 2448 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
23:41:39.0151 2448 iirsp - ok
23:41:39.0252 2448 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
23:41:39.0396 2448 IKEEXT - ok
23:41:39.0416 2448 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:41:39.0451 2448 intelide - ok
23:41:39.0468 2448 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
23:41:39.0504 2448 intelppm - ok
23:41:39.0535 2448 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:41:39.0652 2448 IPBusEnum - ok
23:41:39.0673 2448 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:41:39.0778 2448 IpFilterDriver - ok
23:41:39.0843 2448 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
23:41:39.0975 2448 iphlpsvc - ok
23:41:39.0994 2448 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:41:40.0032 2448 IPMIDRV - ok
23:41:40.0055 2448 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:41:40.0168 2448 IPNAT - ok
23:41:40.0194 2448 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:41:40.0244 2448 IRENUM - ok
23:41:40.0257 2448 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:41:40.0290 2448 isapnp - ok
23:41:40.0329 2448 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:41:40.0386 2448 iScsiPrt - ok
23:41:40.0412 2448 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:41:40.0448 2448 kbdclass - ok
23:41:40.0463 2448 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
23:41:40.0499 2448 kbdhid - ok
23:41:40.0542 2448 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:40.0575 2448 KeyIso - ok
23:41:40.0600 2448 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
23:41:40.0637 2448 KSecDD - ok
23:41:40.0665 2448 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
23:41:40.0714 2448 KSecPkg - ok
23:41:40.0735 2448 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:41:40.0839 2448 ksthunk - ok
23:41:40.0895 2448 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:41:41.0028 2448 KtmRm - ok
23:41:41.0060 2448 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
23:41:41.0091 2448 L1C - ok
23:41:41.0141 2448 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
23:41:41.0268 2448 LanmanServer - ok
23:41:41.0294 2448 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
23:41:41.0409 2448 LanmanWorkstation - ok
23:41:41.0505 2448 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
23:41:41.0561 2448 Live Updater Service - ok
23:41:41.0604 2448 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:41:41.0721 2448 lltdio - ok
23:41:41.0782 2448 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:41:41.0906 2448 lltdsvc - ok
23:41:41.0930 2448 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:41:42.0038 2448 lmhosts - ok
23:41:42.0072 2448 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
23:41:42.0110 2448 LSI_FC - ok
23:41:42.0135 2448 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
23:41:42.0172 2448 LSI_SAS - ok
23:41:42.0190 2448 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
23:41:42.0226 2448 LSI_SAS2 - ok
23:41:42.0250 2448 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
23:41:42.0288 2448 LSI_SCSI - ok
23:41:42.0316 2448 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:41:42.0433 2448 luafv - ok
23:41:42.0467 2448 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
23:41:42.0502 2448 MBAMProtector - ok
23:41:42.0592 2448 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:41:42.0679 2448 MBAMService - ok
23:41:42.0788 2448 McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
23:41:42.0833 2448 McComponentHostService - ok
23:41:42.0869 2448 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
23:41:42.0921 2448 Mcx2Svc - ok
23:41:42.0946 2448 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
23:41:42.0982 2448 megasas - ok
23:41:43.0028 2448 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
23:41:43.0081 2448 MegaSR - ok
23:41:43.0113 2448 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:41:43.0224 2448 MMCSS - ok
23:41:43.0244 2448 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:41:43.0352 2448 Modem - ok
23:41:43.0379 2448 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:41:43.0421 2448 monitor - ok
23:41:43.0442 2448 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:41:43.0478 2448 mouclass - ok
23:41:43.0492 2448 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:41:43.0530 2448 mouhid - ok
23:41:43.0555 2448 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:41:43.0592 2448 mountmgr - ok
23:41:43.0650 2448 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:41:43.0697 2448 MozillaMaintenance - ok
23:41:43.0727 2448 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:41:43.0767 2448 mpio - ok
23:41:43.0793 2448 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:41:43.0900 2448 mpsdrv - ok
23:41:43.0991 2448 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
23:41:44.0135 2448 MpsSvc - ok
23:41:44.0164 2448 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:41:44.0218 2448 MRxDAV - ok
23:41:44.0259 2448 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:41:44.0321 2448 mrxsmb - ok
23:41:44.0369 2448 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:41:44.0423 2448 mrxsmb10 - ok
23:41:44.0464 2448 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:41:44.0511 2448 mrxsmb20 - ok
23:41:44.0538 2448 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:41:44.0573 2448 msahci - ok
23:41:44.0601 2448 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:41:44.0650 2448 msdsm - ok
23:41:44.0681 2448 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:41:44.0732 2448 MSDTC - ok
23:41:44.0772 2448 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:41:44.0877 2448 Msfs - ok
23:41:44.0896 2448 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:41:45.0000 2448 mshidkmdf - ok
23:41:45.0019 2448 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:41:45.0054 2448 msisadrv - ok
23:41:45.0086 2448 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:41:45.0204 2448 MSiSCSI - ok
23:41:45.0215 2448 msiserver - ok
23:41:45.0233 2448 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:41:45.0336 2448 MSKSSRV - ok
23:41:45.0346 2448 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:41:45.0451 2448 MSPCLOCK - ok
23:41:45.0462 2448 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:41:45.0567 2448 MSPQM - ok
23:41:45.0618 2448 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:41:45.0684 2448 MsRPC - ok
23:41:45.0715 2448 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:41:45.0749 2448 mssmbios - ok
23:41:45.0775 2448 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:41:45.0880 2448 MSTEE - ok
23:41:45.0892 2448 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:41:45.0927 2448 MTConfig - ok
23:41:45.0952 2448 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:41:45.0988 2448 Mup - ok
23:41:46.0007 2448 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:41:46.0037 2448 mwlPSDFilter - ok
23:41:46.0061 2448 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:41:46.0090 2448 mwlPSDNServ - ok
23:41:46.0116 2448 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:41:46.0147 2448 mwlPSDVDisk - ok
23:41:46.0215 2448 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:41:46.0352 2448 napagent - ok
23:41:46.0402 2448 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:41:46.0470 2448 NativeWifiP - ok
23:41:46.0598 2448 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:41:46.0677 2448 NDIS - ok
23:41:46.0703 2448 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:41:46.0809 2448 NdisCap - ok
23:41:46.0831 2448 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:41:46.0936 2448 NdisTapi - ok
23:41:46.0960 2448 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:41:47.0062 2448 Ndisuio - ok
23:41:47.0096 2448 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:41:47.0210 2448 NdisWan - ok
23:41:47.0239 2448 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:41:47.0344 2448 NDProxy - ok
23:41:47.0370 2448 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:41:47.0476 2448 NetBIOS - ok
23:41:47.0516 2448 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:41:47.0637 2448 NetBT - ok
23:41:47.0676 2448 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:47.0711 2448 Netlogon - ok
23:41:47.0763 2448 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:41:47.0896 2448 Netman - ok
23:41:47.0946 2448 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:41:48.0069 2448 netprofm - ok
23:41:48.0147 2448 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:41:48.0180 2448 NetTcpPortSharing - ok
23:41:48.0212 2448 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:41:48.0247 2448 nfrd960 - ok
23:41:48.0296 2448 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:41:48.0415 2448 NlaSvc - ok
23:41:48.0435 2448 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:41:48.0542 2448 Npfs - ok
23:41:48.0572 2448 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:41:48.0681 2448 nsi - ok
23:41:48.0697 2448 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:41:48.0802 2448 nsiproxy - ok
23:41:48.0982 2448 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:41:49.0117 2448 Ntfs - ok
23:41:49.0220 2448 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:41:49.0335 2448 Null - ok
23:41:49.0384 2448 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:41:49.0431 2448 nvraid - ok
23:41:49.0463 2448 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:41:49.0513 2448 nvstor - ok
23:41:49.0543 2448 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:41:49.0581 2448 nv_agp - ok
23:41:49.0691 2448 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:41:49.0752 2448 odserv - ok
23:41:49.0773 2448 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:41:49.0811 2448 ohci1394 - ok
23:41:49.0847 2448 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:41:49.0893 2448 ose - ok
23:41:49.0951 2448 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:41:50.0020 2448 p2pimsvc - ok
23:41:50.0070 2448 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:41:50.0130 2448 p2psvc - ok
23:41:50.0157 2448 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:41:50.0208 2448 Parport - ok
23:41:50.0260 2448 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:41:50.0296 2448 partmgr - ok
23:41:50.0325 2448 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:41:50.0397 2448 PcaSvc - ok
23:41:50.0429 2448 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:41:50.0483 2448 pci - ok
23:41:50.0496 2448 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:41:50.0529 2448 pciide - ok
23:41:50.0573 2448 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:41:50.0617 2448 pcmcia - ok
23:41:50.0647 2448 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:41:50.0683 2448 pcw - ok
23:41:50.0752 2448 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:41:50.0885 2448 PEAUTH - ok
23:41:50.0972 2448 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:41:51.0013 2448 PerfHost - ok
23:41:51.0163 2448 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:41:51.0331 2448 pla - ok
23:41:51.0399 2448 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:41:51.0458 2448 PlugPlay - ok
23:41:51.0481 2448 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:41:51.0519 2448 PNRPAutoReg - ok
23:41:51.0567 2448 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:41:51.0613 2448 PNRPsvc - ok
23:41:51.0691 2448 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:41:51.0828 2448 PolicyAgent - ok
23:41:51.0867 2448 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:41:51.0980 2448 Power - ok
23:41:52.0046 2448 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:41:52.0151 2448 PptpMiniport - ok
23:41:52.0182 2448 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:41:52.0221 2448 Processor - ok
23:41:52.0266 2448 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:41:52.0318 2448 ProfSvc - ok
23:41:52.0360 2448 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:52.0395 2448 ProtectedStorage - ok
23:41:52.0423 2448 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:41:52.0537 2448 Psched - ok
23:41:52.0675 2448 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:41:52.0800 2448 ql2300 - ok
23:41:52.0897 2448 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:41:52.0935 2448 ql40xx - ok
23:41:52.0984 2448 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:41:53.0055 2448 QWAVE - ok
23:41:53.0079 2448 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:41:53.0131 2448 QWAVEdrv - ok
23:41:53.0141 2448 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:41:53.0249 2448 RasAcd - ok
23:41:53.0276 2448 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:41:53.0381 2448 RasAgileVpn - ok
23:41:53.0406 2448 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:41:53.0525 2448 RasAuto - ok
23:41:53.0552 2448 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:41:53.0665 2448 Rasl2tp - ok
23:41:53.0710 2448 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:41:53.0840 2448 RasMan - ok
23:41:53.0870 2448 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:41:53.0990 2448 RasPppoe - ok
23:41:54.0017 2448 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:41:54.0121 2448 RasSstp - ok
23:41:54.0165 2448 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:41:54.0294 2448 rdbss - ok
23:41:54.0322 2448 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:41:54.0366 2448 rdpbus - ok
23:41:54.0385 2448 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:41:54.0488 2448 RDPCDD - ok
23:41:54.0514 2448 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:41:54.0618 2448 RDPENCDD - ok
23:41:54.0643 2448 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:41:54.0750 2448 RDPREFMP - ok
23:41:54.0793 2448 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:41:54.0858 2448 RDPWD - ok
23:41:54.0896 2448 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:41:54.0937 2448 rdyboost - ok
23:41:54.0976 2448 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:41:55.0096 2448 RemoteAccess - ok
23:41:55.0142 2448 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:41:55.0271 2448 RemoteRegistry - ok
23:41:55.0296 2448 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:41:55.0405 2448 RpcEptMapper - ok
23:41:55.0429 2448 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:41:55.0470 2448 RpcLocator - ok
23:41:55.0527 2448 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:41:55.0646 2448 RpcSs - ok
23:41:55.0668 2448 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:41:55.0777 2448 rspndr - ok
23:41:55.0830 2448 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\System32\Drivers\RtsUStor.sys
23:41:55.0885 2448 RSUSBSTOR - ok
23:41:55.0959 2448 RS_Service (7cb9f0fdd730f4a4ecf6cde15ea12e8a) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
23:41:56.0014 2448 RS_Service - ok
23:41:56.0054 2448 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:56.0087 2448 SamSs - ok
23:41:56.0121 2448 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:41:56.0159 2448 sbp2port - ok
23:41:56.0200 2448 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:41:56.0325 2448 SCardSvr - ok
23:41:56.0346 2448 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:41:56.0447 2448 scfilter - ok
23:41:56.0553 2448 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:41:56.0712 2448 Schedule - ok
23:41:56.0754 2448 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:41:56.0858 2448 SCPolicySvc - ok
23:41:56.0891 2448 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:41:56.0945 2448 SDRSVC - ok
23:41:57.0040 2448 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:41:57.0106 2448 SeaPort - ok
23:41:57.0168 2448 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:41:57.0275 2448 secdrv - ok
23:41:57.0318 2448 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:41:57.0426 2448 seclogon - ok
23:41:57.0449 2448 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:41:57.0572 2448 SENS - ok
23:41:57.0596 2448 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:41:57.0633 2448 SensrSvc - ok
23:41:57.0660 2448 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:41:57.0696 2448 Serenum - ok
23:41:57.0716 2448 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:41:57.0755 2448 Serial - ok
23:41:57.0769 2448 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:41:57.0805 2448 sermouse - ok
23:41:57.0854 2448 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:41:57.0961 2448 SessionEnv - ok
23:41:57.0999 2448 sesvc (4c99e251d89c95dcaaa26f9243747c99) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
23:41:58.0011 2448 sesvc ( UnsignedFile.Multi.Generic ) - warning
23:41:58.0011 2448 sesvc - detected UnsignedFile.Multi.Generic (1)
23:41:58.0024 2448 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:41:58.0067 2448 sffdisk - ok
23:41:58.0092 2448 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:41:58.0136 2448 sffp_mmc - ok
23:41:58.0149 2448 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:41:58.0191 2448 sffp_sd - ok
23:41:58.0203 2448 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:41:58.0238 2448 sfloppy - ok
23:41:58.0293 2448 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:41:58.0429 2448 SharedAccess - ok
23:41:58.0481 2448 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:41:58.0610 2448 ShellHWDetection - ok
23:41:58.0627 2448 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:41:58.0662 2448 SiSRaid2 - ok
23:41:58.0682 2448 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:41:58.0718 2448 SiSRaid4 - ok
23:41:58.0738 2448 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:41:58.0845 2448 Smb - ok
23:41:58.0886 2448 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:41:58.0927 2448 SNMPTRAP - ok
23:41:58.0939 2448 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:41:58.0973 2448 spldr - ok
23:41:59.0041 2448 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:41:59.0192 2448 Spooler - ok
23:41:59.0512 2448 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:41:59.0783 2448 sppsvc - ok
23:41:59.0900 2448 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:42:00.0027 2448 sppuinotify - ok
23:42:00.0112 2448 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:42:00.0177 2448 srv - ok
23:42:00.0239 2448 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:42:00.0286 2448 srv2 - ok
23:42:00.0319 2448 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:42:00.0365 2448 srvnet - ok
23:42:00.0401 2448 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:42:00.0526 2448 SSDPSRV - ok
23:42:00.0551 2448 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:42:00.0672 2448 SstpSvc - ok
23:42:00.0705 2448 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:42:00.0739 2448 stexstor - ok
23:42:00.0819 2448 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:42:00.0904 2448 stisvc - ok
23:42:00.0928 2448 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:42:00.0962 2448 swenum - ok
23:42:01.0020 2448 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:42:01.0160 2448 swprv - ok
23:42:01.0304 2448 SynTP (02364d8be46a51361b0905736c3f7438) C:\Windows\system32\DRIVERS\SynTP.sys
23:42:01.0416 2448 SynTP - ok
23:42:01.0668 2448 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:42:01.0808 2448 SysMain - ok
23:42:01.0903 2448 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:42:01.0971 2448 TabletInputService - ok
23:42:02.0016 2448 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:42:02.0146 2448 TapiSrv - ok
23:42:02.0172 2448 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:42:02.0295 2448 TBS - ok
23:42:02.0496 2448 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:42:02.0658 2448 Tcpip - ok
23:42:02.0892 2448 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:42:03.0004 2448 TCPIP6 - ok
23:42:03.0105 2448 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:42:03.0215 2448 tcpipreg - ok
23:42:03.0248 2448 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:42:03.0288 2448 TDPIPE - ok
23:42:03.0313 2448 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:42:03.0347 2448 TDTCP - ok
23:42:03.0380 2448 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:42:03.0487 2448 tdx - ok
23:42:03.0517 2448 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:42:03.0552 2448 TermDD - ok
23:42:03.0633 2448 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:42:03.0772 2448 TermService - ok
23:42:03.0792 2448 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:42:03.0847 2448 Themes - ok
23:42:03.0878 2448 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:42:03.0984 2448 THREADORDER - ok
23:42:04.0015 2448 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:42:04.0132 2448 TrkWks - ok
23:42:04.0212 2448 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:42:04.0344 2448 TrustedInstaller - ok
23:42:04.0372 2448 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:42:04.0474 2448 tssecsrv - ok
23:42:04.0498 2448 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:42:04.0543 2448 TsUsbFlt - ok
23:42:04.0558 2448 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:42:04.0592 2448 TsUsbGD - ok
23:42:04.0637 2448 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:42:04.0746 2448 tunnel - ok
23:42:04.0769 2448 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:42:04.0805 2448 uagp35 - ok
23:42:04.0848 2448 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:42:04.0964 2448 udfs - ok
23:42:05.0002 2448 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:42:05.0045 2448 UI0Detect - ok
23:42:05.0062 2448 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:42:05.0098 2448 uliagpkx - ok
23:42:05.0123 2448 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:42:05.0161 2448 umbus - ok
23:42:05.0172 2448 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:42:05.0210 2448 UmPass - ok
23:42:05.0256 2448 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:42:05.0386 2448 upnphost - ok
23:42:05.0419 2448 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:42:05.0469 2448 usbccgp - ok
23:42:05.0492 2448 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:42:05.0541 2448 usbcir - ok
23:42:05.0582 2448 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:42:05.0619 2448 usbehci - ok
23:42:05.0651 2448 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
23:42:05.0682 2448 usbfilter - ok
23:42:05.0742 2448 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:42:05.0793 2448 usbhub - ok
23:42:05.0824 2448 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
23:42:05.0858 2448 usbohci - ok
23:42:05.0882 2448 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:42:05.0927 2448 usbprint - ok
23:42:05.0961 2448 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:42:06.0007 2448 usbscan - ok
23:42:06.0045 2448 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:42:06.0082 2448 USBSTOR - ok
23:42:06.0111 2448 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:42:06.0147 2448 usbuhci - ok
23:42:06.0185 2448 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
23:42:06.0241 2448 usbvideo - ok
23:42:06.0280 2448 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:42:06.0387 2448 UxSms - ok
23:42:06.0431 2448 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:42:06.0465 2448 VaultSvc - ok
23:42:06.0486 2448 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:42:06.0525 2448 vdrvroot - ok
23:42:06.0588 2448 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:42:06.0720 2448 vds - ok
23:42:06.0748 2448 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:42:06.0792 2448 vga - ok
23:42:06.0816 2448 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:42:06.0921 2448 VgaSave - ok
23:42:06.0966 2448 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:42:07.0020 2448 vhdmp - ok
23:42:07.0039 2448 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:42:07.0073 2448 viaide - ok
23:42:07.0093 2448 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:42:07.0128 2448 volmgr - ok
23:42:07.0177 2448 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:42:07.0239 2448 volmgrx - ok
23:42:07.0276 2448 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:42:07.0324 2448 volsnap - ok
23:42:07.0364 2448 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:42:07.0412 2448 vsmraid - ok
23:42:07.0558 2448 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:42:07.0736 2448 VSS - ok
23:42:07.0870 2448 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:42:07.0922 2448 vwifibus - ok
23:42:07.0939 2448 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:42:07.0991 2448 vwififlt - ok
23:42:08.0038 2448 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:42:08.0169 2448 W32Time - ok
23:42:08.0199 2448 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:42:08.0236 2448 WacomPen - ok
23:42:08.0266 2448 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:42:08.0371 2448 WANARP - ok
23:42:08.0381 2448 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:42:08.0483 2448 Wanarpv6 - ok
23:42:08.0620 2448 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:42:08.0725 2448 wbengine - ok
23:42:08.0812 2448 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:42:08.0885 2448 WbioSrvc - ok
23:42:08.0927 2448 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:42:09.0005 2448 wcncsvc - ok
23:42:09.0027 2448 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:42:09.0065 2448 WcsPlugInService - ok
23:42:09.0085 2448 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:42:09.0120 2448 Wd - ok
23:42:09.0199 2448 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:42:09.0278 2448 Wdf01000 - ok
23:42:09.0330 2448 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:42:09.0408 2448 WdiServiceHost - ok
23:42:09.0417 2448 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:42:09.0474 2448 WdiSystemHost - ok
23:42:09.0525 2448 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:42:09.0595 2448 WebClient - ok
23:42:09.0628 2448 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:42:09.0752 2448 Wecsvc - ok
23:42:09.0777 2448 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:42:09.0898 2448 wercplsupport - ok
23:42:09.0924 2448 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:42:10.0044 2448 WerSvc - ok
23:42:10.0074 2448 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:42:10.0180 2448 WfpLwf - ok
23:42:10.0195 2448 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:42:10.0229 2448 WIMMount - ok
23:42:10.0267 2448 WinDefend - ok
23:42:10.0289 2448 WinHttpAutoProxySvc - ok
23:42:10.0368 2448 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:42:10.0501 2448 Winmgmt - ok
23:42:10.0701 2448 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:42:10.0899 2448 WinRM - ok
23:42:11.0073 2448 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:42:11.0171 2448 Wlansvc - ok
23:42:11.0233 2448 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:42:11.0264 2448 wlcrasvc - ok
23:42:11.0480 2448 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:42:11.0664 2448 wlidsvc - ok
23:42:11.0768 2448 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:42:11.0801 2448 WmiAcpi - ok
23:42:11.0873 2448 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:42:11.0930 2448 wmiApSrv - ok
23:42:11.0964 2448 WMPNetworkSvc - ok
23:42:12.0002 2448 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:42:12.0040 2448 WPCSvc - ok
23:42:12.0068 2448 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:42:12.0123 2448 WPDBusEnum - ok
23:42:12.0151 2448 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:42:12.0255 2448 ws2ifsl - ok
23:42:12.0289 2448 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
23:42:12.0354 2448 wscsvc - ok
23:42:12.0365 2448 WSearch - ok
23:42:12.0575 2448 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
23:42:12.0803 2448 wuauserv - ok
23:42:12.0926 2448 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:42:13.0041 2448 WudfPf - ok
23:42:13.0076 2448 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:42:13.0188 2448 WUDFRd - ok
23:42:13.0221 2448 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:42:13.0338 2448 wudfsvc - ok
23:42:13.0372 2448 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:42:13.0458 2448 WwanSvc - ok
23:42:13.0507 2448 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:42:14.0100 2448 \Device\Harddisk0\DR0 - ok
23:42:14.0112 2448 Boot (0x1200) (4c55c7c8406f8445488da0c279a80d68) \Device\Harddisk0\DR0\Partition0
23:42:14.0116 2448 \Device\Harddisk0\DR0\Partition0 - ok
23:42:14.0164 2448 Boot (0x1200) (27fbe250173647bfccf03c6e08bb58f0) \Device\Harddisk0\DR0\Partition1
23:42:14.0169 2448 \Device\Harddisk0\DR0\Partition1 - ok
23:42:14.0171 2448 ============================================================
23:42:14.0171 2448 Scan finished
23:42:14.0171 2448 ============================================================
23:42:14.0203 4312 Detected object count: 1
23:42:14.0203 4312 Actual detected object count: 1
23:42:23.0068 4312 sesvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:42:23.0068 4312 sesvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:42:28.0192 3652 Deinitialize success
|
|
19.06.2012, 08:07
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.06.2012, 12:09
| #11 |
| | Verschlüsselungstrojaner Lieber Arne, hier die Log-Datei von Combofix: Code:
ATTFilter ComboFix 12-06-19.01 - Judith 19.06.2012 12:29:24.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1771.943 [GMT 2:00]
ausgeführt von:: c:\users\Judith\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-19 bis 2012-06-19 ))))))))))))))))))))))))))))))
.
.
2012-06-19 10:42 . 2012-06-19 10:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-19 07:07 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A197B95B-84EF-4ED8-BC48-2E0B4478CB06}\mpengine.dll
2012-06-15 20:15 . 2012-06-15 20:15 -------- d-----w- c:\users\Judith\AppData\Roaming\www.shadowexplorer.com
2012-06-15 20:14 . 2012-06-15 20:15 -------- d-----w- c:\program files (x86)\ShadowExplorer
2012-06-15 18:55 . 2012-06-15 18:55 -------- d-----w- c:\program files (x86)\ESET
2012-06-13 13:27 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 13:27 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 13:27 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 13:27 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 13:27 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 13:27 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 13:27 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 13:27 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 13:27 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 13:27 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll
2012-06-13 13:27 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-13 13:26 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 13:26 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 13:26 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 13:26 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-13 13:26 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-13 13:26 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-12 18:30 . 2012-06-12 18:30 -------- d-----w- c:\programdata\WinZip
2012-06-12 10:39 . 2012-06-12 10:39 -------- d-----w- c:\users\Judith\AppData\Roaming\Malwarebytes
2012-06-12 10:39 . 2012-06-12 10:39 -------- d-----w- c:\programdata\Malwarebytes
2012-06-12 10:39 . 2012-06-12 10:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-12 10:39 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-12 08:33 . 2012-06-16 20:41 -------- d-----w- c:\users\Judith\Szsrxdtff
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 15:43 . 2011-12-03 15:19 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-09 15:43 . 2011-12-03 15:19 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-08 17:05 . 2012-04-05 10:08 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-08 17:05 . 2011-08-29 16:49 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 07:27 . 2012-04-14 09:04 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 19:36 . 2012-04-04 19:36 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-30 11:35 . 2012-05-11 11:19 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-11 336384]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-09 348624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-4-15 704104]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
PDFCreator.lnk - c:\program files (x86)\PDFCreator\PDFCreator.exe [2012-2-13 2641920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 257696]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 116648]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-28 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 sesvc;ShadowExplorer Service;c:\program files (x86)\ShadowExplorer\sesvc.exe [2011-01-02 9216]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:05]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 09:26]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 09:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-28 862088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\2fbozq77.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-19 12:53:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-19 10:52
.
Vor Suchlauf: 6 Verzeichnis(se), 208.914.722.816 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 208.718.200.832 Bytes frei
.
- - End Of File - - D58301776E90A1AB9AABBB17C7974EB5
|
|
19.06.2012, 12:37
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.06.2012, 21:03
| #13 |
| | Verschlüsselungstrojaner Lieber Arne, habe alles durchgeführt. Hier das Log von GMER: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-06-19 20:55:03
Windows 6.1.7601 Service Pack 1
Running: dezb9rgn.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{1B309225-D5F9-49B7-84DE-D0F555F3BD00}"?"{B4DBC79B-7F68-4266-91F5-64F4CA70DFDA}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{1B309225-D5F9-49B7-84DE-D0F555F3BD00}?\Device\TCPIP6TUNNEL_{B4DBC79B-7F68-4266-91F5-64F4CA70DFDA}?
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:33:16 on 19.06.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 12.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll Locked "Locked" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {27B4851A-3207-45A2-B947-BE8AFE6163AB} "McAfee Phishing Filter" - ? - c:\progra~1\mcafee\msk\mskapbho.dll (File not found) {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "Acer VCM.lnk" - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (Shortcut exists | File exists) "PDFCreator.lnk" - "pdfforge hxxp://www.pdfforge.org/" - C:\Program Files (x86)\PDFCreator\PDFCreator.exe (Shortcut exists | File exists) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "EgisTecPMMUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "EgisUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d "LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SuiteTray" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@C:\Windows\system32\CxAudMsg64.exe,-100" (CxAudMsg) - "Conexant Systems Inc." - C:\Windows\system32\CxAudMsg64.exe "Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE "Dritek WMI Service" (DsiWMIService) - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\dsiwmis.exe "EgisTec Ticket Service" (EgisTec Ticket Service) - "Egis Technology Inc. " - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe "Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GREGService" (GREGService) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe "Live Updater Service" (Live Updater Service) - "Acer Incorporated" - C:\Program Files\Acer\Acer Updater\UpdaterService.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE "ShadowExplorer Service" (sesvc) - "www.shadowexplorer.com" - C:\Program Files (x86)\ShadowExplorer\sesvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru  Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-19 21:34:06
-----------------------------
21:34:06.962 OS Version: Windows x64 6.1.7601 Service Pack 1
21:34:06.963 Number of processors: 2 586 0x100
21:34:06.965 ComputerName: JUDITH-PC UserName: Judith
21:34:08.399 Initialize success
21:36:01.065 AVAST engine defs: 12061900
21:37:25.263 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:37:25.269 Disk 0 Vendor: ST320LT020-9YG142 0001SDM1 Size: 305245MB BusType: 11
21:37:25.305 Disk 0 MBR read successfully
21:37:25.313 Disk 0 MBR scan
21:37:25.325 Disk 0 Windows 7 default MBR code
21:37:25.337 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
21:37:25.369 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
21:37:25.391 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290807 MB offset 29566976
21:37:25.441 Disk 0 scanning C:\Windows\system32\drivers
21:37:39.713 Service scanning
21:38:10.685 Modules scanning
21:38:10.708 Disk 0 trace - called modules:
21:38:10.762 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:38:10.779 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002453060]
21:38:10.794 3 CLASSPNP.SYS[fffff880019a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8001f47500]
21:38:11.825 AVAST engine scan C:\Windows
21:38:16.068 AVAST engine scan C:\Windows\system32
21:43:34.594 AVAST engine scan C:\Windows\system32\drivers
21:43:58.936 AVAST engine scan C:\Users\Judith
21:46:25.394 Disk 0 MBR has been saved successfully to "C:\Users\Judith\Desktop\MBR.dat"
21:46:25.421 The log file has been saved successfully to "C:\Users\Judith\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-19 21:47:20
-----------------------------
21:47:20.694 OS Version: Windows x64 6.1.7601 Service Pack 1
21:47:20.694 Number of processors: 2 586 0x100
21:47:20.697 ComputerName: JUDITH-PC UserName: Judith
21:47:24.695 Initialize success
21:47:38.376 AVAST engine defs: 12061900
21:47:47.064 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:47:47.071 Disk 0 Vendor: ST320LT020-9YG142 0001SDM1 Size: 305245MB BusType: 11
21:47:47.114 Disk 0 MBR read successfully
21:47:47.121 Disk 0 MBR scan
21:47:47.133 Disk 0 Windows 7 default MBR code
21:47:47.145 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
21:47:47.177 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
21:47:47.200 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290807 MB offset 29566976
21:47:47.251 Disk 0 scanning C:\Windows\system32\drivers
21:48:07.646 Service scanning
21:48:38.033 Modules scanning
21:48:38.054 Disk 0 trace - called modules:
21:48:38.088 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:48:38.104 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002453060]
21:48:38.121 3 CLASSPNP.SYS[fffff880019a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8001f47500]
21:48:46.019 AVAST engine scan C:\Windows
21:48:58.522 AVAST engine scan C:\Windows\system32
21:54:12.752 AVAST engine scan C:\Windows\system32\drivers
21:54:31.141 AVAST engine scan C:\Users\Judith
22:00:13.360 Disk 0 MBR has been saved successfully to "C:\Users\Judith\Desktop\MBR.dat"
22:00:13.389 The log file has been saved successfully to "C:\Users\Judith\Desktop\aswMBR.txt"
Judith |
|
20.06.2012, 10:59
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.06.2012, 21:59
| #15 |
| | Verschlüsselungstrojaner Hier die Log von SuperAntiSpyware: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 06/20/2012 at 08:24 PM
Application Version : 5.0.1150
Core Rules Database Version : 8764
Trace Rules Database Version: 6576
Scan type : Complete Scan
Total Scan Time : 02:57:32
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 565
Memory threats detected : 0
Registry items scanned : 65357
Registry threats detected : 0
File items scanned : 145525
File threats detected : 501
Adware.Tracking Cookie
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\F9ZY8VAO.txt [ /atdmt.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\353RVZJY.txt [ /smartadserver.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\2AETUTIL.txt [ /partypoker.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\04P5RCNL.txt [ /track.adform.net ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\LUBLW34I.txt [ /tracking.quisma.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\9YZCIPQL.txt [ /mediaplex.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\KQQEE1CF.txt [ /ad.zanox.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\RK48X4UJ.txt [ /dyntracker.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\0C5UZ39R.txt [ /apmebf.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\T8GS3AUM.txt [ /adform.net ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\4JK3LS2J.txt [ /zanox.com ]
C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\QV1E02AE.txt [ /fastclick.net ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\IU3JG3EB.txt [ Cookie:judith@atdmt.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\HXI9O6IV.txt [ Cookie:judith@tradedoubler.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\6YSF6F25.txt [ Cookie:judith@accounts.google.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MX5NS1Q2.txt [ Cookie:judith@de.partypoker.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q2RKKILE.txt [ Cookie:judith@partypoker.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\43XMBAOW.txt [ Cookie:judith@adviva.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FYK3K9I2.txt [ Cookie:judith@track.adform.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\V3J5P9RZ.txt [ Cookie:judith@zanox-affiliate.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GC2ACXNA.txt [ Cookie:judith@tracking.quisma.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\C6R88UDF.txt [ Cookie:judith@germanwings.112.2o7.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\D99UDNA4.txt [ Cookie:judith@invitemedia.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\1A8WRI2A.txt [ Cookie:judith@adserver2.clipkit.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DQE2FCLE.txt [ Cookie:judith@www.ad-track.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA1QUI9J.txt [ Cookie:judith@ad.zanox.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV13C6RB.txt [ Cookie:judith@questionmarket.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\5ZH8Q55M.txt [ Cookie:judith@apmebf.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\2W3ADY3Y.txt [ Cookie:judith@www.etracker.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FQBX12ZQ.txt [ Cookie:judith@ad.yieldmanager.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith@microsoftwindows.112.2o7[1].txt [ Cookie:judith@microsoftwindows.112.2o7.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FN84VOKQ.txt [ Cookie:judith@adform.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\65CVETQF.txt [ Cookie:judith@content.yieldmanager.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GJHA8MV8.txt [ Cookie:judith@zedo.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DXXF2K3Y.txt [ Cookie:judith@studivz.adfarm1.adition.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith@a.revenuemax[1].txt [ Cookie:judith@a.revenuemax.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith@www.mediamarkt[1].txt [ Cookie:judith@www.mediamarkt.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\R2O6CNHH.txt [ Cookie:judith@ad3.adfarm1.adition.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\B44TQ4WC.txt [ Cookie:judith@tracking.mindshare.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\7QH8AK2J.txt [ Cookie:judith@de.sitestat.com/ing-diba/de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\W77XX0TL.txt [ Cookie:judith@doubleclick.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\KRCQGGAJ.txt [ Cookie:judith@eyewonder.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MGL9QHCF.txt [ Cookie:judith@zanox.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\O8I1II06.txt [ Cookie:judith@amazon-adsystem.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\197F6FKQ.txt [ Cookie:judith@ad1.adfarm1.adition.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\JU6VKZ6C.txt [ Cookie:judith@www.usenext.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\3GB555CF.txt [ Cookie:judith@in.getclicky.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZA1GBQC.txt [ Cookie:judith@c.atdmt.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZGOOBI99.txt [ Cookie:judith@www.burstnet.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\KDO1CZ5D.txt [ Cookie:judith@webmasterplan.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\WTQMX5MD.txt [ Cookie:judith@traffictrack.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\WYWJF2JK.txt [ Cookie:judith@www.googleadservices.com/pagead/conversion/1052039368/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOLP7AU1.txt [ Cookie:judith@adfarm1.adition.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MHOJHGRN.txt [ Cookie:judith@ad4.adfarm1.adition.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\RQ0RWELN.txt [ Cookie:judith@eas.apm.emediate.eu/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\N7JFT6LT.txt [ Cookie:judith@advertising.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QRRNP675.txt [ Cookie:judith@stats.justhost.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\8KR2G4BO.txt [ Cookie:judith@rts.pgmediaserve.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QLJY9FVD.txt [ Cookie:judith@de.sitestat.com/is24/is24/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9OSUH4MQ.txt [ Cookie:judith@clickfuse.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\A2PIQOXB.txt [ Cookie:judith@ru4.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\JG035XGF.txt [ Cookie:judith@fastclick.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QYLZBSNL.txt [ Cookie:judith@tracking.hostgator.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGIR845Z.txt [ Cookie:judith@www.googleadservices.com/pagead/conversion/1070482875/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ES9OID9A.txt [ Cookie:judith@track.webtrekk.net/523478367474333/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\B7P1WNBE.txt [ Cookie:judith@edates.traffective-tracking.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\HUQMUIAQ.txt [ Cookie:judith@mmotraffic.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\POJVLKL6.txt [ Cookie:judith@adtech.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GOVQMLFA.txt [ Cookie:judith@www.googleadservices.com/pagead/conversion/1007229786/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9J7VRW0L.txt [ Cookie:judith@azjmp.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\IPI6WU7L.txt [ Cookie:judith@fr.sitestat.com/eurosport/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\U8BRY40N.txt [ Cookie:judith@revsci.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\AQ3PXXL0.txt [ Cookie:judith@casalemedia.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MWD2A3ZX.txt [ Cookie:judith@specificclick.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\XOIQWW1Q.txt [ Cookie:judith@trackalyzer.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FB5YW1JY.txt [ Cookie:judith@track.effiliation.com/servlet/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DWVPT3D2.txt [ Cookie:judith@nl.sitestat.com/elsevier/elsevier-com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PHI1T0S.txt [ Cookie:judith@elitepartner.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZH12BOTI.txt [ Cookie:judith@t2.trackalyzer.com/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\CUR959ZS.txt [ Cookie:judith@photobox.112.2o7.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DDN0GXCM.txt [ Cookie:judith@im.banner.t-online.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PD9DH7GW.txt [ Cookie:judith@yadro.ru/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PBVCD1N1.txt [ Cookie:judith@ad.adnet.de/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\7PSER7R0.txt [ Cookie:judith@2o7.net/ ]
C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\A1GXQXNJ.txt [ Cookie:judith@yieldmanager.net/ ]
C:\USERS\JUDITH\Cookies\F9ZY8VAO.txt [ Cookie:judith@atdmt.com/ ]
C:\USERS\JUDITH\Cookies\2AETUTIL.txt [ Cookie:judith@partypoker.com/ ]
C:\USERS\JUDITH\Cookies\04P5RCNL.txt [ Cookie:judith@track.adform.net/ ]
C:\USERS\JUDITH\Cookies\LUBLW34I.txt [ Cookie:judith@tracking.quisma.com/ ]
C:\USERS\JUDITH\Cookies\KQQEE1CF.txt [ Cookie:judith@ad.zanox.com/ ]
C:\USERS\JUDITH\Cookies\RK48X4UJ.txt [ Cookie:judith@dyntracker.com/ ]
C:\USERS\JUDITH\Cookies\0C5UZ39R.txt [ Cookie:judith@apmebf.com/ ]
C:\USERS\JUDITH\Cookies\T8GS3AUM.txt [ Cookie:judith@adform.net/ ]
C:\USERS\JUDITH\Cookies\4JK3LS2J.txt [ Cookie:judith@zanox.com/ ]
C:\USERS\JUDITH\Cookies\QV1E02AE.txt [ Cookie:judith@fastclick.net/ ]
delivery.ibanner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
http-s3.videoservices.netzathleten-media.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
ia.media-imdb.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
imagesrv.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
media.mtvnservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
media1.break.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
media3.break.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
s0.2mdn.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
secure-it.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
secure-us.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
C:\USERS\JUDITH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JUDITH@TRACKING.DC-STORM[2].TXT [ /TRACKING.DC-STORM ]
.a.revenuemax.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
nl.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tradefx.advertserve.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
counter.hitslink.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
e2.emediate.se [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ibanner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.elitepartner-akademie.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.elitepartner-akademie.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adserver.doccheck.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
flagcounter.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
static.freewebs.getclicky.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
s2.trafficmaxx.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
mediathek.daserste.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
counters.gigya.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.beiersdorf.122.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
mediathek.daserste.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.20.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Judith :: JUDITH-PC [Administrator] Schutz: Aktiviert 20.06.2012 14:41:03 mbam-log-2012-06-20 (14-41-03).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 348941 Laufzeit: 2 Stunde(n), 19 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
| Themen zu Verschlüsselungstrojaner |
| antivir, bildschirm, blockiert, computer, dateien, desktop, dringend, e-mail, email, fehlermeldung, formatieren, infiziert., keine viren, namen, neue, ordner, programm, programme, schwarzer bildschirm, security, senden, task-manager, update, viren, virus, windows |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
