| |
| |||||||
Log-Analyse und Auswertung: Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.10.2012, 21:48
| #31 |
 |  Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Hab sie gelöscht |
|
17.10.2012, 22:03
| #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
17.10.2012, 22:21
| #33 |
| | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Kaspersky Log:
__________________Code:
ATTFilter 23:18:42.0925 2332 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
23:18:43.0113 2332 ============================================================
23:18:43.0113 2332 Current date / time: 2012/10/17 23:18:43.0113
23:18:43.0113 2332 SystemInfo:
23:18:43.0113 2332
23:18:43.0113 2332 OS Version: 6.1.7601 ServicePack: 1.0
23:18:43.0113 2332 Product type: Workstation
23:18:43.0113 2332 ComputerName: NATALIE-HP
23:18:43.0113 2332 UserName: Natalie
23:18:43.0113 2332 Windows directory: C:\Windows
23:18:43.0113 2332 System windows directory: C:\Windows
23:18:43.0113 2332 Running under WOW64
23:18:43.0113 2332 Processor architecture: Intel x64
23:18:43.0113 2332 Number of processors: 2
23:18:43.0113 2332 Page size: 0x1000
23:18:43.0113 2332 Boot type: Normal boot
23:18:43.0113 2332 ============================================================
23:18:44.0860 2332 BG loaded
23:18:45.0375 2332 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:18:45.0390 2332 ============================================================
23:18:45.0390 2332 \Device\Harddisk0\DR0:
23:18:45.0390 2332 MBR partitions:
23:18:45.0390 2332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:18:45.0390 2332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48098800
23:18:45.0390 2332 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x480FC800, BlocksNum 0x1F6B800
23:18:45.0390 2332 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A068000, BlocksNum 0x7EFAB0
23:18:45.0390 2332 ============================================================
23:18:45.0421 2332 C: <-> \Device\Harddisk0\DR0\Partition2
23:18:45.0453 2332 D: <-> \Device\Harddisk0\DR0\Partition3
23:18:45.0468 2332 E: <-> \Device\Harddisk0\DR0\Partition4
23:18:45.0468 2332 ============================================================
23:18:45.0468 2332 Initialize success
23:18:45.0468 2332 ============================================================
|
|
18.10.2012, 09:26
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Log wurde falsch erstellt, bitte nochmal richtig machen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
18.10.2012, 16:52
| #35 |
| | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Log Kaspersky Part 1 Musste den Log aufteilen da die Zeichen begrenzt sind. Code:
ATTFilter 17:44:02.0217 3628 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:44:02.0337 3628 ============================================================
17:44:02.0337 3628 Current date / time: 2012/10/18 17:44:02.0337
17:44:02.0337 3628 SystemInfo:
17:44:02.0337 3628
17:44:02.0337 3628 OS Version: 6.1.7601 ServicePack: 1.0
17:44:02.0337 3628 Product type: Workstation
17:44:02.0337 3628 ComputerName: NATALIE-HP
17:44:02.0337 3628 UserName: Natalie
17:44:02.0337 3628 Windows directory: C:\Windows
17:44:02.0337 3628 System windows directory: C:\Windows
17:44:02.0337 3628 Running under WOW64
17:44:02.0337 3628 Processor architecture: Intel x64
17:44:02.0337 3628 Number of processors: 2
17:44:02.0337 3628 Page size: 0x1000
17:44:02.0337 3628 Boot type: Normal boot
17:44:02.0337 3628 ============================================================
17:44:03.0807 3628 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:44:03.0807 3628 ============================================================
17:44:03.0807 3628 \Device\Harddisk0\DR0:
17:44:03.0807 3628 MBR partitions:
17:44:03.0807 3628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:44:03.0807 3628 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48098800
17:44:03.0807 3628 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x480FC800, BlocksNum 0x1F6B800
17:44:03.0807 3628 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A068000, BlocksNum 0x7EFAB0
17:44:03.0807 3628 ============================================================
17:44:03.0827 3628 C: <-> \Device\Harddisk0\DR0\Partition2
17:44:03.0867 3628 D: <-> \Device\Harddisk0\DR0\Partition3
17:44:03.0877 3628 E: <-> \Device\Harddisk0\DR0\Partition4
17:44:03.0877 3628 ============================================================
17:44:03.0877 3628 Initialize success
17:44:03.0877 3628 ============================================================
17:45:13.0347 6840 ============================================================
17:45:13.0347 6840 Scan started
17:45:13.0347 6840 Mode: Manual; SigCheck; TDLFS;
17:45:13.0347 6840 ============================================================
17:45:17.0177 6840 ================ Scan system memory ========================
17:45:17.0177 6840 System memory - ok
17:45:17.0177 6840 ================ Scan services =============================
17:45:17.0487 6840 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:45:17.0657 6840 1394ohci - ok
17:45:17.0677 6840 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:45:17.0697 6840 ACPI - ok
17:45:17.0737 6840 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:45:17.0857 6840 AcpiPmi - ok
17:45:17.0987 6840 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:45:17.0997 6840 AdobeARMservice - ok
17:45:18.0147 6840 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:45:18.0167 6840 AdobeFlashPlayerUpdateSvc - ok
17:45:18.0227 6840 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:45:18.0247 6840 adp94xx - ok
17:45:18.0287 6840 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:45:18.0307 6840 adpahci - ok
17:45:18.0377 6840 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:45:18.0387 6840 adpu320 - ok
17:45:18.0427 6840 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:45:18.0617 6840 AeLookupSvc - ok
17:45:18.0757 6840 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:45:18.0817 6840 AFD - ok
17:45:18.0857 6840 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:45:18.0877 6840 agp440 - ok
17:45:18.0907 6840 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:45:19.0007 6840 ALG - ok
17:45:19.0127 6840 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:45:19.0137 6840 aliide - ok
17:45:19.0207 6840 [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:45:19.0387 6840 AMD External Events Utility - ok
17:45:19.0507 6840 AMD FUEL Service - ok
17:45:19.0567 6840 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:45:19.0607 6840 amdide - ok
17:45:19.0667 6840 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
17:45:19.0687 6840 amdiox64 - ok
17:45:19.0737 6840 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:45:19.0787 6840 AmdK8 - ok
17:45:20.0157 6840 [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:45:20.0527 6840 amdkmdag - ok
17:45:20.0567 6840 [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:45:20.0637 6840 amdkmdap - ok
17:45:20.0757 6840 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:45:20.0787 6840 AmdPPM - ok
17:45:20.0887 6840 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:45:20.0907 6840 amdsata - ok
17:45:20.0927 6840 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:45:20.0947 6840 amdsbs - ok
17:45:20.0967 6840 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:45:20.0987 6840 amdxata - ok
17:45:21.0027 6840 [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
17:45:21.0037 6840 amd_sata - ok
17:45:21.0057 6840 [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
17:45:21.0067 6840 amd_xata - ok
17:45:21.0097 6840 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:45:21.0227 6840 AppID - ok
17:45:21.0257 6840 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:45:21.0307 6840 AppIDSvc - ok
17:45:21.0347 6840 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:45:21.0387 6840 Appinfo - ok
17:45:21.0437 6840 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:45:21.0457 6840 arc - ok
17:45:21.0487 6840 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:45:21.0527 6840 arcsas - ok
17:45:21.0677 6840 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:45:21.0747 6840 aspnet_state - ok
17:45:21.0767 6840 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:45:21.0827 6840 AsyncMac - ok
17:45:21.0867 6840 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:45:21.0887 6840 atapi - ok
17:45:21.0957 6840 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:45:21.0967 6840 AtiHDAudioService - ok
17:45:22.0007 6840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:45:22.0087 6840 AudioEndpointBuilder - ok
17:45:22.0107 6840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:45:22.0157 6840 AudioSrv - ok
17:45:22.0607 6840 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
17:45:22.0727 6840 AVGIDSAgent - ok
17:45:22.0797 6840 [ F1A99DA71E6549D7D944596E15142866 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:45:22.0827 6840 AVGIDSDriver - ok
17:45:22.0857 6840 [ E6CB84918C1ABE84AAAF749D2EA4E764 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:45:22.0877 6840 AVGIDSHA - ok
17:45:22.0907 6840 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:45:22.0917 6840 Avgldx64 - ok
17:45:22.0947 6840 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
17:45:22.0957 6840 Avgloga - ok
17:45:22.0977 6840 [ EAFF19168F26FA225EB679547B718051 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:45:22.0997 6840 Avgmfx64 - ok
17:45:23.0027 6840 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:45:23.0037 6840 Avgrkx64 - ok
17:45:23.0097 6840 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:45:23.0127 6840 Avgtdia - ok
17:45:23.0187 6840 [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:45:23.0207 6840 avgtp - ok
17:45:23.0237 6840 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
17:45:23.0257 6840 avgwd - ok
17:45:23.0317 6840 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:45:23.0407 6840 AxInstSV - ok
17:45:23.0477 6840 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:45:23.0537 6840 b06bdrv - ok
17:45:23.0587 6840 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:45:23.0627 6840 b57nd60a - ok
17:45:23.0797 6840 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
17:45:23.0907 6840 BCM43XX - ok
17:45:23.0937 6840 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:45:23.0987 6840 BDESVC - ok
17:45:24.0037 6840 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:45:24.0087 6840 Beep - ok
17:45:24.0147 6840 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:45:24.0307 6840 BFE - ok
17:45:24.0367 6840 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:45:24.0467 6840 BITS - ok
17:45:24.0507 6840 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:45:24.0547 6840 blbdrive - ok
17:45:24.0577 6840 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:45:24.0607 6840 bowser - ok
17:45:24.0647 6840 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:45:24.0687 6840 BrFiltLo - ok
17:45:24.0797 6840 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:45:24.0837 6840 BrFiltUp - ok
17:45:24.0877 6840 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:45:24.0917 6840 Browser - ok
17:45:24.0987 6840 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:45:25.0067 6840 Brserid - ok
17:45:25.0107 6840 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:45:25.0147 6840 BrSerWdm - ok
17:45:25.0187 6840 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:45:25.0217 6840 BrUsbMdm - ok
17:45:25.0227 6840 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:45:25.0267 6840 BrUsbSer - ok
17:45:25.0287 6840 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:45:25.0317 6840 BTHMODEM - ok
17:45:25.0357 6840 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:45:25.0397 6840 bthserv - ok
17:45:25.0437 6840 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:45:25.0497 6840 cdfs - ok
17:45:25.0547 6840 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:45:25.0567 6840 cdrom - ok
17:45:25.0597 6840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:45:25.0637 6840 CertPropSvc - ok
17:45:25.0677 6840 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:45:25.0707 6840 circlass - ok
17:45:25.0777 6840 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:45:25.0827 6840 CLFS - ok
17:45:26.0047 6840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:26.0077 6840 clr_optimization_v2.0.50727_32 - ok
17:45:26.0187 6840 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:45:26.0217 6840 clr_optimization_v2.0.50727_64 - ok
17:45:26.0307 6840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:26.0387 6840 clr_optimization_v4.0.30319_32 - ok
17:45:26.0437 6840 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:45:26.0447 6840 clr_optimization_v4.0.30319_64 - ok
17:45:26.0487 6840 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:45:26.0497 6840 clwvd - ok
17:45:26.0547 6840 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:45:26.0577 6840 CmBatt - ok
17:45:26.0587 6840 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:45:26.0607 6840 cmdide - ok
17:45:26.0647 6840 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:45:26.0677 6840 CNG - ok
17:45:26.0817 6840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:45:26.0847 6840 Compbatt - ok
17:45:26.0917 6840 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:45:26.0967 6840 CompositeBus - ok
17:45:26.0987 6840 COMSysApp - ok
17:45:27.0047 6840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:45:27.0077 6840 crcdisk - ok
17:45:27.0147 6840 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:45:27.0197 6840 CryptSvc - ok
17:45:27.0397 6840 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:45:27.0487 6840 cvhsvc - ok
17:45:27.0547 6840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:45:27.0617 6840 DcomLaunch - ok
17:45:27.0647 6840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:45:27.0707 6840 defragsvc - ok
17:45:27.0757 6840 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:45:27.0817 6840 DfsC - ok
17:45:27.0867 6840 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:45:27.0917 6840 Dhcp - ok
17:45:27.0937 6840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:45:28.0007 6840 discache - ok
17:45:28.0077 6840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:45:28.0097 6840 Disk - ok
17:45:28.0127 6840 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:45:28.0177 6840 Dnscache - ok
17:45:28.0207 6840 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:45:28.0267 6840 dot3svc - ok
17:45:28.0317 6840 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:45:28.0367 6840 DPS - ok
17:45:28.0407 6840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:45:28.0437 6840 drmkaud - ok
17:45:28.0527 6840 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:45:28.0567 6840 DXGKrnl - ok
17:45:28.0607 6840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:45:28.0677 6840 EapHost - ok
17:45:29.0117 6840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:45:29.0287 6840 ebdrv - ok
17:45:29.0357 6840 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:45:29.0557 6840 EFS - ok
17:45:29.0677 6840 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:45:29.0747 6840 ehRecvr - ok
17:45:29.0787 6840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:45:29.0827 6840 ehSched - ok
17:45:29.0977 6840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:45:30.0057 6840 elxstor - ok
17:45:30.0167 6840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:45:30.0197 6840 ErrDev - ok
17:45:30.0277 6840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:45:30.0337 6840 EventSystem - ok
17:45:30.0407 6840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:45:30.0487 6840 exfat - ok
17:45:30.0527 6840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:45:30.0597 6840 fastfat - ok
17:45:30.0657 6840 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:45:30.0727 6840 Fax - ok
17:45:30.0757 6840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:45:30.0797 6840 fdc - ok
17:45:30.0827 6840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:45:30.0867 6840 fdPHost - ok
17:45:30.0887 6840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:45:30.0947 6840 FDResPub - ok
17:45:31.0007 6840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:45:31.0017 6840 FileInfo - ok
17:45:31.0047 6840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:45:31.0117 6840 Filetrace - ok
17:45:31.0157 6840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:45:31.0167 6840 flpydisk - ok
17:45:31.0237 6840 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:45:31.0257 6840 FltMgr - ok
17:45:31.0367 6840 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:45:31.0507 6840 FontCache - ok
17:45:31.0577 6840 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:45:31.0607 6840 FontCache3.0.0.0 - ok
17:45:31.0667 6840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:45:31.0707 6840 FsDepends - ok
17:45:31.0747 6840 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:45:31.0757 6840 Fs_Rec - ok
17:45:31.0817 6840 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:45:31.0847 6840 fvevol - ok
17:45:31.0877 6840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:45:31.0897 6840 gagp30kx - ok
17:45:31.0937 6840 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:45:31.0957 6840 GamesAppService - ok
17:45:31.0997 6840 [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
17:45:32.0037 6840 ggflt - ok
17:45:32.0057 6840 [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
17:45:32.0077 6840 ggsemc - ok
17:45:32.0117 6840 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:45:32.0167 6840 gpsvc - ok
17:45:32.0217 6840 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:45:32.0237 6840 gusvc - ok
17:45:32.0277 6840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:45:32.0307 6840 hcw85cir - ok
17:45:32.0337 6840 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:45:32.0377 6840 HdAudAddService - ok
17:45:32.0407 6840 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:45:32.0447 6840 HDAudBus - ok
17:45:32.0457 6840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:45:32.0487 6840 HidBatt - ok
17:45:32.0517 6840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:45:32.0547 6840 HidBth - ok
17:45:32.0567 6840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:45:32.0587 6840 HidIr - ok
17:45:32.0617 6840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:45:32.0677 6840 hidserv - ok
17:45:32.0717 6840 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:45:32.0737 6840 HidUsb - ok
17:45:32.0747 6840 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:45:32.0817 6840 hkmsvc - ok
17:45:32.0867 6840 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:45:32.0927 6840 HomeGroupListener - ok
17:45:32.0967 6840 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:45:32.0997 6840 HomeGroupProvider - ok
17:45:33.0107 6840 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:45:33.0137 6840 HP Support Assistant Service - ok
17:45:33.0197 6840 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:45:33.0217 6840 HPClientSvc - ok
17:45:33.0347 6840 [ 02CE63D8DD5E6DD5CEFF336191C0859E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:45:33.0367 6840 HPDrvMntSvc.exe - ok
17:45:33.0557 6840 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:45:33.0587 6840 hpqcxs08 - ok
17:45:33.0617 6840 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:45:33.0627 6840 hpqddsvc - ok
17:45:33.0717 6840 [ E7C7829BA0395E48F8C8FE16B8832344 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:45:33.0767 6840 hpqwmiex - ok
17:45:33.0807 6840 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:45:33.0817 6840 HpSAMD - ok
17:45:33.0887 6840 [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:45:33.0897 6840 HPWMISVC - ok
17:45:33.0947 6840 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:45:34.0017 6840 HTTP - ok
17:45:34.0037 6840 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:45:34.0047 6840 hwpolicy - ok
17:45:34.0097 6840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:45:34.0117 6840 i8042prt - ok
17:45:34.0147 6840 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:45:34.0167 6840 iaStorV - ok
17:45:34.0357 6840 [ 2C3CC41FEFCB77E2826886E6B7EF93AE ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:45:34.0407 6840 IconMan_R - ok
17:45:34.0497 6840 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:45:34.0547 6840 idsvc - ok
17:45:34.0577 6840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:45:34.0587 6840 iirsp - ok
17:45:34.0647 6840 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:45:34.0727 6840 IKEEXT - ok
17:45:34.0757 6840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:45:34.0777 6840 intelide - ok
17:45:34.0817 6840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:45:34.0847 6840 intelppm - ok
17:45:34.0867 6840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:45:34.0927 6840 IPBusEnum - ok
17:45:34.0947 6840 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:45:34.0987 6840 IpFilterDriver - ok
17:45:35.0077 6840 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:45:35.0187 6840 iphlpsvc - ok
17:45:35.0207 6840 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:45:35.0237 6840 IPMIDRV - ok
17:45:35.0247 6840 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:45:35.0307 6840 IPNAT - ok
17:45:35.0337 6840 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:45:35.0357 6840 IRENUM - ok
17:45:35.0367 6840 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:45:35.0377 6840 isapnp - ok
17:45:35.0447 6840 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:45:35.0497 6840 iScsiPrt - ok
17:45:35.0547 6840 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:45:35.0557 6840 kbdclass - ok
17:45:35.0577 6840 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:45:35.0607 6840 kbdhid - ok
17:45:35.0627 6840 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:45:35.0637 6840 KeyIso - ok
17:45:35.0697 6840 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:45:35.0717 6840 KSecDD - ok
17:45:35.0777 6840 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:45:35.0817 6840 KSecPkg - ok
17:45:35.0847 6840 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:45:35.0887 6840 ksthunk - ok
17:45:35.0927 6840 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:45:35.0987 6840 KtmRm - ok
17:45:36.0027 6840 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:45:36.0077 6840 LanmanServer - ok
17:45:36.0107 6840 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:45:36.0177 6840 LanmanWorkstation - ok
17:45:36.0197 6840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:45:36.0257 6840 lltdio - ok
17:45:36.0297 6840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:45:36.0367 6840 lltdsvc - ok
17:45:36.0387 6840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:45:36.0437 6840 lmhosts - ok
17:45:36.0477 6840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:45:36.0487 6840 LSI_FC - ok
17:45:36.0507 6840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:45:36.0517 6840 LSI_SAS - ok
17:45:36.0557 6840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:45:36.0567 6840 LSI_SAS2 - ok
17:45:36.0597 6840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:45:36.0617 6840 LSI_SCSI - ok
17:45:36.0637 6840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:45:36.0687 6840 luafv - ok
17:45:36.0747 6840 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:45:36.0767 6840 MBAMProtector - ok
17:45:36.0827 6840 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:45:36.0847 6840 MBAMScheduler - ok
17:45:36.0887 6840 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:45:36.0917 6840 MBAMService - ok
17:45:36.0977 6840 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:45:37.0007 6840 Mcx2Svc - ok
17:45:37.0027 6840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:45:37.0047 6840 megasas - ok
17:45:37.0087 6840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:45:37.0117 6840 MegaSR - ok
17:45:37.0147 6840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:45:37.0227 6840 MMCSS - ok
17:45:37.0247 6840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:45:37.0327 6840 Modem - ok
17:45:37.0367 6840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:45:37.0417 6840 monitor - ok
17:45:37.0427 6840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:45:37.0447 6840 mouclass - ok
17:45:37.0477 6840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
17:45:37.0507 6840 mouhid - ok
17:45:37.0537 6840 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:45:37.0547 6840 mountmgr - ok
17:45:37.0617 6840 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:45:37.0627 6840 MozillaMaintenance - ok
17:45:37.0677 6840 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:45:37.0707 6840 mpio - ok
17:45:37.0727 6840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:45:37.0777 6840 mpsdrv - ok
17:45:37.0837 6840 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:45:37.0907 6840 MpsSvc - ok
17:45:37.0947 6840 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:45:37.0987 6840 MRxDAV - ok
17:45:38.0007 6840 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:45:38.0057 6840 mrxsmb - ok
17:45:38.0097 6840 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:45:38.0147 6840 mrxsmb10 - ok
17:45:38.0177 6840 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:45:38.0197 6840 mrxsmb20 - ok
17:45:38.0217 6840 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:45:38.0237 6840 msahci - ok
17:45:38.0297 6840 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:45:38.0317 6840 msdsm - ok
17:45:38.0347 6840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:45:38.0397 6840 MSDTC - ok
17:45:38.0447 6840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:45:38.0497 6840 Msfs - ok
17:45:38.0517 6840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:45:38.0577 6840 mshidkmdf - ok
17:45:38.0607 6840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:45:38.0627 6840 msisadrv - ok
17:45:38.0657 6840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:45:38.0737 6840 MSiSCSI - ok
17:45:38.0737 6840 msiserver - ok
17:45:38.0787 6840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:45:38.0847 6840 MSKSSRV - ok
17:45:38.0867 6840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:45:38.0917 6840 MSPCLOCK - ok
17:45:38.0957 6840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:45:38.0997 6840 MSPQM - ok
17:45:39.0047 6840 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:45:39.0077 6840 MsRPC - ok
17:45:39.0097 6840 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:45:39.0117 6840 mssmbios - ok
17:45:39.0147 6840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:45:39.0197 6840 MSTEE - ok
17:45:39.0217 6840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:45:39.0237 6840 MTConfig - ok
17:45:39.0257 6840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:45:39.0267 6840 Mup - ok
17:45:39.0307 6840 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:45:39.0367 6840 napagent - ok
17:45:39.0417 6840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:45:39.0457 6840 NativeWifiP - ok
17:45:39.0507 6840 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:45:39.0577 6840 NDIS - ok
17:45:39.0617 6840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:45:39.0667 6840 NdisCap - ok
17:45:39.0707 6840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:45:39.0747 6840 NdisTapi - ok
17:45:39.0767 6840 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:45:39.0807 6840 Ndisuio - ok
17:45:39.0847 6840 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:45:39.0907 6840 NdisWan - ok
17:45:39.0937 6840 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:45:39.0967 6840 NDProxy - ok
17:45:40.0017 6840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:45:40.0067 6840 NetBIOS - ok
17:45:40.0087 6840 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:45:40.0137 6840 NetBT - ok
17:45:40.0147 6840 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:45:40.0167 6840 Netlogon - ok
17:45:40.0207 6840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:45:40.0277 6840 Netman - ok
17:45:40.0307 6840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0337 6840 NetMsmqActivator - ok
17:45:40.0357 6840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0377 6840 NetPipeActivator - ok
17:45:40.0417 6840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:45:40.0487 6840 netprofm - ok
17:45:40.0517 6840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0527 6840 NetTcpActivator - ok
17:45:40.0537 6840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:40.0547 6840 NetTcpPortSharing - ok
17:45:40.0587 6840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:45:40.0607 6840 nfrd960 - ok
17:45:40.0667 6840 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:45:40.0727 6840 NlaSvc - ok
17:45:40.0767 6840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:45:40.0837 6840 Npfs - ok
17:45:40.0887 6840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:45:40.0927 6840 nsi - ok
17:45:40.0947 6840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:45:41.0037 6840 nsiproxy - ok
17:45:41.0137 6840 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:45:41.0187 6840 Ntfs - ok
17:45:41.0207 6840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:45:41.0257 6840 Null - ok
17:45:41.0287 6840 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
17:45:41.0327 6840 NVENETFD - ok
17:45:41.0357 6840 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:45:41.0367 6840 nvraid - ok
17:45:41.0427 6840 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:45:41.0457 6840 nvstor - ok
17:45:41.0487 6840 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:45:41.0507 6840 nv_agp - ok
17:45:41.0537 6840 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:45:41.0547 6840 ohci1394 - ok
17:45:41.0587 6840 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:41.0597 6840 ose - ok
17:45:41.0777 6840 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:41.0887 6840 osppsvc - ok
17:45:41.0937 6840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:45:41.0977 6840 p2pimsvc - ok
17:45:42.0057 6840 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:45:42.0097 6840 p2psvc - ok
17:45:42.0127 6840 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:45:42.0147 6840 Parport - ok
17:45:42.0167 6840 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:45:42.0177 6840 partmgr - ok
17:45:42.0197 6840 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:45:42.0237 6840 PcaSvc - ok
17:45:42.0267 6840 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:45:42.0287 6840 pci - ok
17:45:42.0307 6840 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:45:42.0327 6840 pciide - ok
17:45:42.0357 6840 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:45:42.0377 6840 pcmcia - ok
17:45:42.0387 6840 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:45:42.0407 6840 pcw - ok
17:45:42.0477 6840 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:45:42.0557 6840 PEAUTH - ok
17:45:42.0677 6840 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:45:42.0707 6840 PerfHost - ok
17:45:42.0787 6840 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:45:42.0907 6840 pla - ok
17:45:42.0957 6840 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:45:42.0997 6840 PlugPlay - ok
17:45:43.0027 6840 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:45:43.0057 6840 PNRPAutoReg - ok
17:45:43.0127 6840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:45:43.0137 6840 PNRPsvc - ok
17:45:43.0187 6840 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:45:43.0257 6840 PolicyAgent - ok
17:45:43.0297 6840 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:45:43.0357 6840 Power - ok
17:45:43.0397 6840 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:45:43.0447 6840 PptpMiniport - ok
17:45:43.0477 6840 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:45:43.0497 6840 Processor - ok
17:45:43.0547 6840 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:45:43.0577 6840 ProfSvc - ok
17:45:43.0607 6840 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:45:43.0617 6840 ProtectedStorage - ok
17:45:43.0637 6840 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:45:43.0687 6840 Psched - ok
17:45:43.0827 6840 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:45:43.0907 6840 ql2300 - ok
17:45:43.0947 6840 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:45:43.0957 6840 ql40xx - ok
17:45:43.0987 6840 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:45:44.0007 6840 QWAVE - ok
17:45:44.0037 6840 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:45:44.0057 6840 QWAVEdrv - ok
17:45:44.0077 6840 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:45:44.0127 6840 RasAcd - ok
17:45:44.0167 6840 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:45:44.0207 6840 RasAgileVpn - ok
17:45:44.0237 6840 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:45:44.0307 6840 RasAuto - ok
17:45:44.0337 6840 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:45:44.0387 6840 Rasl2tp - ok
17:45:44.0417 6840 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:45:44.0467 6840 RasMan - ok
17:45:44.0477 6840 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:45:44.0527 6840 RasPppoe - ok
17:45:44.0567 6840 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:45:44.0617 6840 RasSstp - ok
17:45:44.0677 6840 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:45:44.0757 6840 rdbss - ok
17:45:44.0767 6840 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:45:44.0797 6840 rdpbus - ok
17:45:44.0817 6840 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:45:44.0867 6840 RDPCDD - ok
17:45:44.0887 6840 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:45:44.0937 6840 RDPENCDD - ok
17:45:44.0957 6840 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:45:45.0007 6840 RDPREFMP - ok
17:45:45.0047 6840 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:45:45.0077 6840 RDPWD - ok
17:45:45.0117 6840 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:45:45.0137 6840 rdyboost - ok
17:45:45.0167 6840 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:45:45.0227 6840 RemoteAccess - ok
17:45:45.0257 6840 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:45:45.0307 6840 RemoteRegistry - ok
17:45:45.0337 6840 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:45:45.0387 6840 RpcEptMapper - ok
17:45:45.0407 6840 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:45:45.0447 6840 RpcLocator - ok
17:45:45.0487 6840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:45:45.0527 6840 RpcSs - ok
17:45:45.0567 6840 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
17:45:45.0577 6840 RSPCIESTOR - ok
17:45:45.0617 6840 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:45:45.0667 6840 rspndr - ok
17:45:45.0707 6840 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:45:45.0727 6840 RTL8167 - ok
17:45:45.0787 6840 [ 507B708A731DED6B992E3F664A93288B ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
17:45:45.0817 6840 RTL8192Ce - ok
17:45:45.0867 6840 [ 0031DD0C5D4446DA0A3E02617DC6D642 ] s1039bus C:\Windows\system32\DRIVERS\s1039bus.sys
17:45:45.0887 6840 s1039bus - ok
17:45:45.0917 6840 [ 98C7DBE2290D8CB0235E9528F6A1A53D ] s1039mdfl C:\Windows\system32\DRIVERS\s1039mdfl.sys
17:45:45.0927 6840 s1039mdfl - ok
17:45:45.0997 6840 [ 7EF052A067D862ECD2A2335914611074 ] s1039mdm C:\Windows\system32\DRIVERS\s1039mdm.sys
17:45:46.0017 6840 s1039mdm - ok
17:45:46.0087 6840 [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64 ] s1039mgmt C:\Windows\system32\DRIVERS\s1039mgmt.sys
17:45:46.0107 6840 s1039mgmt - ok
17:45:46.0167 6840 [ A0CF11BFFA41176CCD54E701CEB68921 ] s1039nd5 C:\Windows\system32\DRIVERS\s1039nd5.sys
17:45:46.0197 6840 s1039nd5 - ok
17:45:46.0237 6840 [ BD2DA968C5DCEF51BA8014FBAC7A0B6A ] s1039obex C:\Windows\system32\DRIVERS\s1039obex.sys
17:45:46.0277 6840 s1039obex - ok
17:45:46.0327 6840 [ 96B4051B65C1974258A8A33A03C0B082 ] s1039unic C:\Windows\system32\DRIVERS\s1039unic.sys
17:45:46.0347 6840 s1039unic - ok
17:45:46.0367 6840 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:45:46.0387 6840 SamSs - ok
17:45:46.0397 6840 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:45:46.0407 6840 sbp2port - ok
17:45:46.0437 6840 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:45:46.0487 6840 SCardSvr - ok
17:45:46.0537 6840 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:45:46.0607 6840 scfilter - ok
17:45:46.0657 6840 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:45:46.0727 6840 Schedule - ok
17:45:46.0767 6840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:45:46.0807 6840 SCPolicySvc - ok
17:45:46.0847 6840 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:45:46.0877 6840 sdbus - ok
17:45:46.0907 6840 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:45:46.0967 6840 SDRSVC - ok
17:45:46.0997 6840 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:45:47.0037 6840 secdrv - ok
17:45:47.0067 6840 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:45:47.0107 6840 seclogon - ok
17:45:47.0127 6840 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:45:47.0187 6840 SENS - ok
17:45:47.0197 6840 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:45:47.0237 6840 SensrSvc - ok
17:45:47.0277 6840 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:45:47.0287 6840 Serenum - ok
17:45:47.0307 6840 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:45:47.0337 6840 Serial - ok
17:45:47.0377 6840 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:45:47.0407 6840 sermouse - ok
17:45:47.0437 6840 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:45:47.0497 6840 SessionEnv - ok
17:45:47.0517 6840 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:45:47.0537 6840 sffdisk - ok
17:45:47.0547 6840 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:45:47.0587 6840 sffp_mmc - ok
17:45:47.0607 6840 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:45:47.0637 6840 sffp_sd - ok
17:45:47.0667 6840 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:45:47.0687 6840 sfloppy - ok
17:45:47.0737 6840 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:45:47.0757 6840 Sftfs - ok
17:45:47.0827 6840 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:45:47.0857 6840 sftlist - ok
17:45:47.0907 6840 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:45:47.0917 6840 Sftplay - ok
17:45:47.0947 6840 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:45:47.0957 6840 Sftredir - ok
17:45:48.0007 6840 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:45:48.0017 6840 Sftvol - ok
17:45:48.0037 6840 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:45:48.0057 6840 sftvsa - ok
17:45:48.0087 6840 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:45:48.0147 6840 SharedAccess - ok
17:45:48.0177 6840 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:45:48.0227 6840 ShellHWDetection - ok
17:45:48.0267 6840 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:45:48.0287 6840 SiSRaid2 - ok
17:45:48.0317 6840 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:45:48.0327 6840 SiSRaid4 - ok
17:45:48.0357 6840 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:45:48.0417 6840 Smb - ok
17:45:48.0447 6840 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:45:48.0477 6840 SNMPTRAP - ok
17:45:48.0507 6840 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:45:48.0517 6840 spldr - ok
17:45:48.0557 6840 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:45:48.0597 6840 Spooler - ok
17:45:48.0717 6840 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:45:48.0817 6840 sppsvc - ok
17:45:48.0857 6840 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:45:48.0897 6840 sppuinotify - ok
17:45:48.0927 6840 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:45:48.0967 6840 srv - ok
17:45:49.0047 6840 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:45:49.0097 6840 srv2 - ok
17:45:49.0137 6840 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:45:49.0157 6840 SrvHsfHDA - ok
17:45:49.0267 6840 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:45:49.0347 6840 SrvHsfV92 - ok
17:45:49.0427 6840 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:45:49.0477 6840 SrvHsfWinac - ok
17:45:49.0537 6840 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:45:49.0577 6840 srvnet - ok
17:45:49.0607 6840 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:45:49.0667 6840 SSDPSRV - ok
17:45:49.0687 6840 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:45:49.0727 6840 SstpSvc - ok
17:45:49.0787 6840 [ 293A556E04F815477AE93E07B35065E6 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:45:49.0827 6840 STacSV - ok
17:45:49.0847 6840 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:45:49.0867 6840 stexstor - ok
17:45:49.0917 6840 [ AA3C0336514C239A171F00A6902B59B8 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
17:45:49.0947 6840 STHDA - ok
17:45:49.0987 6840 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:45:50.0027 6840 StillCam - ok
17:45:50.0067 6840 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:45:50.0177 6840 stisvc - ok
17:45:50.0197 6840 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:45:50.0207 6840 swenum - ok
17:45:50.0237 6840 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:45:50.0297 6840 swprv - ok
17:45:50.0347 6840 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:45:50.0367 6840 SynTP - ok
17:45:50.0427 6840 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:45:50.0517 6840 SysMain - ok
17:45:50.0547 6840 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:45:50.0577 6840 TabletInputService - ok
17:45:50.0647 6840 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:45:50.0697 6840 TapiSrv - ok
17:45:50.0737 6840 [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
17:45:50.0747 6840 tbhsd - ok
17:45:50.0777 6840 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:45:50.0827 6840 TBS - ok
17:45:50.0907 6840 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:45:50.0987 6840 Tcpip - ok
17:45:51.0047 6840 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:45:51.0097 6840 TCPIP6 - ok
17:45:51.0127 6840 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:45:51.0187 6840 tcpipreg - ok
17:45:51.0197 6840 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:45:51.0237 6840 TDPIPE - ok
17:45:51.0257 6840 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:45:51.0267 6840 TDTCP - ok
17:45:51.0287 6840 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:45:51.0347 6840 tdx - ok
17:45:51.0377 6840 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:45:51.0397 6840 TermDD - ok
17:45:51.0467 6840 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:45:51.0567 6840 TermService - ok
17:45:51.0607 6840 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:45:51.0627 6840 Themes - ok
17:45:51.0667 6840 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:45:51.0707 6840 THREADORDER - ok
17:45:51.0747 6840 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:45:51.0797 6840 TrkWks - ok
17:45:51.0847 6840 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:45:51.0907 6840 TrustedInstaller - ok
17:45:51.0937 6840 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:51.0987 6840 tssecsrv - ok
17:45:52.0007 6840 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:45:52.0037 6840 TsUsbFlt - ok
17:45:52.0067 6840 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:45:52.0107 6840 TsUsbGD - ok
17:45:52.0147 6840 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:45:52.0207 6840 tunnel - ok
17:45:52.0237 6840 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:45:52.0247 6840 uagp35 - ok
17:45:52.0317 6840 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:45:52.0397 6840 udfs - ok
17:45:52.0427 6840 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:45:52.0437 6840 UI0Detect - ok
17:45:52.0457 6840 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:45:52.0477 6840 uliagpkx - ok
17:45:52.0507 6840 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:45:52.0537 6840 umbus - ok
17:45:52.0547 6840 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:45:52.0577 6840 UmPass - ok
17:45:52.0627 6840 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:45:52.0687 6840 upnphost - ok
17:45:52.0717 6840 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:52.0787 6840 usbccgp - ok
17:45:52.0817 6840 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:45:52.0837 6840 usbcir - ok
17:45:52.0867 6840 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:45:52.0897 6840 usbehci - ok
17:45:52.0917 6840 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:45:52.0927 6840 usbfilter - ok
17:45:52.0947 6840 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:45:52.0977 6840 usbhub - ok
17:45:52.0997 6840 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:45:53.0017 6840 usbohci - ok
17:45:53.0057 6840 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:45:53.0077 6840 usbprint - ok
17:45:53.0097 6840 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:45:53.0137 6840 USBSTOR - ok
17:45:53.0157 6840 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:45:53.0177 6840 usbuhci - ok
17:45:53.0207 6840 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:45:53.0227 6840 usbvideo - ok
17:45:53.0257 6840 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
17:45:53.0287 6840 usb_rndisx - ok
17:45:53.0307 6840 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:45:53.0377 6840 UxSms - ok
17:45:53.0397 6840 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:45:53.0407 6840 VaultSvc - ok
17:45:53.0427 6840 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:45:53.0447 6840 vdrvroot - ok
17:45:53.0477 6840 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:45:53.0557 6840 vds - ok
17:45:53.0597 6840 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:53.0617 6840 vga - ok
17:45:53.0637 6840 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:45:53.0697 6840 VgaSave - ok
17:45:53.0717 6840 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:45:53.0737 6840 vhdmp - ok
17:45:53.0757 6840 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:45:53.0787 6840 viaide - ok
17:45:53.0827 6840 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:45:53.0837 6840 volmgr - ok
17:45:53.0857 6840 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:45:53.0877 6840 volmgrx - ok
17:45:53.0917 6840 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:45:53.0937 6840 volsnap - ok
17:45:53.0977 6840 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:45:53.0997 6840 vsmraid - ok
17:45:54.0087 6840 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:45:54.0207 6840 VSS - ok
17:45:54.0297 6840 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
17:45:54.0327 6840 vToolbarUpdater12.2.6 - ok
17:45:54.0377 6840 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
17:45:54.0407 6840 vToolbarUpdater13.2.0 - ok
17:45:54.0417 6840 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:45:54.0447 6840 vwifibus - ok
17:45:54.0477 6840 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:45:54.0497 6840 vwififlt - ok
17:45:54.0527 6840 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:45:54.0577 6840 W32Time - ok
17:45:54.0607 6840 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:45:54.0647 6840 WacomPen - ok
17:45:54.0697 6840 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:45:54.0737 6840 WANARP - ok
17:45:54.0747 6840 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:45:54.0787 6840 Wanarpv6 - ok
17:45:54.0857 6840 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:45:54.0957 6840 wbengine - ok
17:45:54.0987 6840 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:45:55.0017 6840 WbioSrvc - ok
17:45:55.0067 6840 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:45:55.0117 6840 wcncsvc - ok
17:45:55.0127 6840 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:45:55.0157 6840 WcsPlugInService - ok
17:45:55.0187 6840 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:45:55.0197 6840 Wd - ok
17:45:55.0237 6840 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:45:55.0257 6840 Wdf01000 - ok
17:45:55.0297 6840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:45:55.0387 6840 WdiServiceHost - ok
17:45:55.0397 6840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:45:55.0417 6840 WdiSystemHost - ok
17:45:55.0447 6840 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:45:55.0497 6840 WebClient - ok
17:45:55.0557 6840 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:45:55.0627 6840 Wecsvc - ok
17:45:55.0647 6840 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:45:55.0687 6840 wercplsupport - ok
17:45:55.0707 6840 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:45:55.0747 6840 WerSvc - ok
17:45:55.0787 6840 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:55.0827 6840 WfpLwf - ok
17:45:55.0847 6840 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:45:55.0857 6840 WIMMount - ok
17:45:55.0897 6840 WinDefend - ok
17:45:55.0907 6840 WinHttpAutoProxySvc - ok
17:45:55.0977 6840 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:45:56.0047 6840 Winmgmt - ok
17:45:56.0127 6840 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:45:56.0237 6840 WinRM - ok
17:45:56.0287 6840 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:45:56.0317 6840 WinUsb - ok
17:45:56.0357 6840 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:45:56.0407 6840 Wlansvc - ok
17:45:56.0457 6840 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:45:56.0467 6840 wlcrasvc - ok
17:45:56.0707 6840 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:45:56.0797 6840 wlidsvc - ok
17:45:56.0837 6840 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:45:56.0857 6840 WmiAcpi - ok
17:45:56.0887 6840 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:45:56.0937 6840 wmiApSrv - ok
17:45:56.0967 6840 WMPNetworkSvc - ok
17:45:56.0987 6840 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:45:57.0017 6840 WPCSvc - ok
17:45:57.0027 6840 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:45:57.0047 6840 WPDBusEnum - ok
17:45:57.0077 6840 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:45:57.0137 6840 ws2ifsl - ok
17:45:57.0167 6840 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:45:57.0197 6840 wscsvc - ok
17:45:57.0257 6840 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:45:57.0287 6840 WSDPrintDevice - ok
17:45:57.0297 6840 WSearch - ok
17:45:57.0417 6840 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:45:57.0517 6840 wuauserv - ok
17:45:57.0547 6840 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:45:57.0597 6840 WudfPf - ok
17:45:57.0647 6840 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:57.0707 6840 WUDFRd - ok
17:45:57.0727 6840 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:45:57.0767 6840 wudfsvc - ok
17:45:57.0807 6840 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
17:45:57.0857 6840 WwanSvc - ok
17:45:57.0887 6840 ================ Scan global ===============================
17:45:57.0917 6840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:45:57.0957 6840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:45:57.0967 6840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:45:57.0997 6840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:45:58.0027 6840 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:45:58.0027 6840 [Global] - ok
17:45:58.0027 6840 ================ Scan MBR ==================================
17:45:58.0037 6840 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:46:00.0317 6840 \Device\Harddisk0\DR0 - ok
17:46:00.0317 6840 ================ Scan VBR ==================================
17:46:00.0337 6840 [ 36CA5B3828452A54C26591083E50DAEA ] \Device\Harddisk0\DR0\Partition1
17:46:00.0367 6840 \Device\Harddisk0\DR0\Partition1 - ok
17:46:00.0377 6840 [ A31ECB611B7EB1CE3426DBE05B5C864E ] \Device\Harddisk0\DR0\Partition2
17:46:00.0387 6840 \Device\Harddisk0\DR0\Partition2 - ok
17:46:00.0417 6840 [ E8C8D218B33D85140C04804829E23F62 ] \Device\Harddisk0\DR0\Partition3
17:46:00.0417 6840 \Device\Harddisk0\DR0\Partition3 - ok
17:46:00.0477 6840 [ 7D1A8692A9F14A8006184433C8AE8FDC ] \Device\Harddisk0\DR0\Partition4
17:46:00.0477 6840 \Device\Harddisk0\DR0\Partition4 - ok
17:46:00.0487 6840 ============================================================
17:46:00.0487 6840 Scan finished
17:46:00.0487 6840 ============================================================
17:46:00.0507 3224 Detected object count: 0
17:46:00.0507 3224 Actual detected object count: 0
17:46:12.0527 6756 ============================================================
17:46:12.0527 6756 Scan started
17:46:12.0527 6756 Mode: Manual; SigCheck; TDLFS;
17:46:12.0527 6756 ============================================================
17:46:13.0157 6756 ================ Scan system memory ========================
17:46:13.0157 6756 System memory - ok
17:46:13.0167 6756 ================ Scan services =============================
17:46:14.0057 6756 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:46:14.0097 6756 1394ohci - ok
17:46:14.0137 6756 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:46:14.0157 6756 ACPI - ok
17:46:14.0197 6756 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:46:14.0217 6756 AcpiPmi - ok
17:46:14.0417 6756 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:46:14.0437 6756 AdobeARMservice - ok
17:46:15.0107 6756 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:46:15.0137 6756 AdobeFlashPlayerUpdateSvc - ok
17:46:15.0187 6756 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:46:15.0217 6756 adp94xx - ok
17:46:15.0267 6756 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:46:15.0297 6756 adpahci - ok
17:46:15.0327 6756 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:46:15.0337 6756 adpu320 - ok
17:46:15.0397 6756 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:46:15.0447 6756 AeLookupSvc - ok
17:46:15.0497 6756 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:46:15.0517 6756 AFD - ok
17:46:15.0577 6756 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:46:15.0597 6756 agp440 - ok
17:46:15.0627 6756 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:46:15.0647 6756 ALG - ok
17:46:15.0677 6756 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:46:15.0707 6756 aliide - ok
17:46:15.0747 6756 [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:46:15.0767 6756 AMD External Events Utility - ok
17:46:15.0847 6756 AMD FUEL Service - ok
17:46:15.0907 6756 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:46:15.0917 6756 amdide - ok
17:46:15.0937 6756 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
17:46:15.0947 6756 amdiox64 - ok
17:46:15.0967 6756 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:46:15.0977 6756 AmdK8 - ok
17:46:16.0387 6756 [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:46:16.0537 6756 amdkmdag - ok
17:46:16.0587 6756 [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:46:16.0617 6756 amdkmdap - ok
17:46:16.0647 6756 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:46:16.0657 6756 AmdPPM - ok
17:46:16.0687 6756 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:46:16.0697 6756 amdsata - ok
17:46:16.0727 6756 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:46:16.0747 6756 amdsbs - ok
17:46:16.0777 6756 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:46:16.0787 6756 amdxata - ok
17:46:16.0827 6756 [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
17:46:16.0837 6756 amd_sata - ok
17:46:16.0867 6756 [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
17:46:16.0877 6756 amd_xata - ok
17:46:16.0907 6756 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:46:16.0947 6756 AppID - ok
17:46:16.0987 6756 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:46:17.0027 6756 AppIDSvc - ok
17:46:17.0037 6756 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:46:17.0077 6756 Appinfo - ok
17:46:17.0107 6756 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:46:17.0117 6756 arc - ok
17:46:17.0147 6756 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:46:17.0167 6756 arcsas - ok
17:46:17.0247 6756 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:46:17.0277 6756 aspnet_state - ok
17:46:17.0297 6756 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:46:17.0327 6756 AsyncMac - ok
17:46:17.0357 6756 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:46:17.0377 6756 atapi - ok
17:46:17.0407 6756 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:46:17.0427 6756 AtiHDAudioService - ok
17:46:17.0457 6756 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:46:17.0497 6756 AudioEndpointBuilder - ok
17:46:17.0527 6756 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:46:17.0577 6756 AudioSrv - ok
17:46:17.0977 6756 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
17:46:18.0087 6756 AVGIDSAgent - ok
17:46:18.0157 6756 [ F1A99DA71E6549D7D944596E15142866 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:46:18.0177 6756 AVGIDSDriver - ok
17:46:18.0207 6756 [ E6CB84918C1ABE84AAAF749D2EA4E764 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:46:18.0217 6756 AVGIDSHA - ok
17:46:18.0247 6756 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:46:18.0267 6756 Avgldx64 - ok
17:46:18.0327 6756 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
17:46:18.0357 6756 Avgloga - ok
17:46:18.0387 6756 [ EAFF19168F26FA225EB679547B718051 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:46:18.0397 6756 Avgmfx64 - ok
17:46:18.0457 6756 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:46:18.0487 6756 Avgrkx64 - ok
17:46:18.0517 6756 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:46:18.0537 6756 Avgtdia - ok
17:46:18.0567 6756 [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:46:18.0597 6756 avgtp - ok
17:46:18.0657 6756 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
17:46:18.0667 6756 avgwd - ok
17:46:18.0737 6756 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:46:18.0767 6756 AxInstSV - ok
17:46:18.0837 6756 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:46:18.0857 6756 b06bdrv - ok
17:46:18.0907 6756 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:46:18.0927 6756 b57nd60a - ok
17:46:19.0007 6756 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
17:46:19.0047 6756 BCM43XX - ok
17:46:19.0087 6756 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:46:19.0097 6756 BDESVC - ok
17:46:19.0137 6756 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:46:19.0177 6756 Beep - ok
17:46:19.0247 6756 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:46:19.0307 6756 BFE - ok
17:46:19.0357 6756 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:46:19.0407 6756 BITS - ok
17:46:19.0477 6756 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:46:19.0497 6756 blbdrive - ok
17:46:19.0547 6756 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:46:19.0567 6756 bowser - ok
17:46:19.0587 6756 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:46:19.0597 6756 BrFiltLo - ok
17:46:19.0627 6756 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:46:19.0657 6756 BrFiltUp - ok
17:46:19.0717 6756 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:46:19.0737 6756 Browser - ok
17:46:19.0777 6756 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:46:19.0807 6756 Brserid - ok
17:46:19.0887 6756 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:46:19.0907 6756 BrSerWdm - ok
17:46:19.0937 6756 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:46:19.0947 6756 BrUsbMdm - ok
17:46:19.0967 6756 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:46:19.0977 6756 BrUsbSer - ok
17:46:19.0997 6756 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:46:20.0017 6756 BTHMODEM - ok
17:46:20.0067 6756 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:46:20.0107 6756 bthserv - ok
17:46:20.0157 6756 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:46:20.0197 6756 cdfs - ok
17:46:20.0267 6756 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:46:20.0287 6756 cdrom - ok
17:46:20.0347 6756 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:46:20.0407 6756 CertPropSvc - ok
17:46:20.0457 6756 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:46:20.0487 6756 circlass - ok
17:46:20.0557 6756 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:46:20.0577 6756 CLFS - ok
17:46:20.0657 6756 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:46:20.0687 6756 clr_optimization_v2.0.50727_32 - ok
17:46:20.0747 6756 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:46:20.0757 6756 clr_optimization_v2.0.50727_64 - ok
17:46:20.0917 6756 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:46:20.0927 6756 clr_optimization_v4.0.30319_32 - ok
17:46:21.0007 6756 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:46:21.0017 6756 clr_optimization_v4.0.30319_64 - ok
17:46:21.0057 6756 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:46:21.0067 6756 clwvd - ok
17:46:21.0097 6756 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:46:21.0117 6756 CmBatt - ok
17:46:21.0127 6756 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:46:21.0137 6756 cmdide - ok
17:46:21.0197 6756 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:46:21.0217 6756 CNG - ok
17:46:21.0237 6756 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:46:21.0247 6756 Compbatt - ok
17:46:21.0287 6756 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:46:21.0307 6756 CompositeBus - ok
17:46:21.0307 6756 COMSysApp - ok
17:46:21.0337 6756 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:46:21.0347 6756 crcdisk - ok
17:46:21.0397 6756 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:46:21.0407 6756 CryptSvc - ok
17:46:21.0517 6756 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:46:21.0547 6756 cvhsvc - ok
17:46:21.0587 6756 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:46:21.0627 6756 DcomLaunch - ok
17:46:21.0657 6756 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:46:21.0697 6756 defragsvc - ok
17:46:21.0737 6756 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:46:21.0767 6756 DfsC - ok
17:46:21.0797 6756 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:46:21.0837 6756 Dhcp - ok
17:46:21.0847 6756 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:46:21.0887 6756 discache - ok
17:46:21.0907 6756 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:46:21.0917 6756 Disk - ok
17:46:21.0967 6756 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:46:21.0977 6756 Dnscache - ok
17:46:22.0017 6756 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:46:22.0067 6756 dot3svc - ok
17:46:22.0087 6756 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:46:22.0127 6756 DPS - ok
17:46:22.0187 6756 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:46:22.0197 6756 drmkaud - ok
17:46:22.0287 6756 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:46:22.0317 6756 DXGKrnl - ok
17:46:22.0357 6756 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:46:22.0397 6756 EapHost - ok
17:46:22.0547 6756 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:46:22.0607 6756 ebdrv - ok
17:46:22.0667 6756 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:46:22.0687 6756 EFS - ok
17:46:22.0827 6756 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:46:22.0857 6756 ehRecvr - ok
17:46:22.0887 6756 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:46:22.0907 6756 ehSched - ok
17:46:22.0937 6756 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:46:22.0967 6756 elxstor - ok
17:46:22.0997 6756 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:46:23.0007 6756 ErrDev - ok
17:46:23.0077 6756 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:46:23.0137 6756 EventSystem - ok
17:46:23.0177 6756 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:46:23.0217 6756 exfat - ok
17:46:23.0247 6756 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:46:23.0287 6756 fastfat - ok
17:46:23.0337 6756 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:46:23.0377 6756 Fax - ok
17:46:23.0397 6756 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:46:23.0417 6756 fdc - ok
17:46:23.0437 6756 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:46:23.0477 6756 fdPHost - ok
17:46:23.0497 6756 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:46:23.0537 6756 FDResPub - ok
17:46:23.0587 6756 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:46:23.0597 6756 FileInfo - ok
17:46:23.0617 6756 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:46:23.0657 6756 Filetrace - ok
17:46:23.0687 6756 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:46:23.0717 6756 flpydisk - ok
17:46:23.0747 6756 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:46:23.0767 6756 FltMgr - ok
17:46:23.0847 6756 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:46:23.0887 6756 FontCache - ok
17:46:23.0957 6756 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:46:23.0987 6756 FontCache3.0.0.0 - ok
17:46:24.0027 6756 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:46:24.0037 6756 FsDepends - ok
17:46:24.0077 6756 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:46:24.0087 6756 Fs_Rec - ok
17:46:24.0117 6756 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:46:24.0137 6756 fvevol - ok
17:46:24.0167 6756 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:46:24.0187 6756 gagp30kx - ok
17:46:24.0247 6756 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:46:24.0267 6756 GamesAppService - ok
17:46:24.0337 6756 [ A4198F2BD8AA592CB90476277A81B5E1 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
17:46:24.0357 6756 ggflt - ok
17:46:24.0377 6756 [ D266350BDAAB9EB6C1AEC370EEAAFF3A ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
17:46:24.0387 6756 ggsemc - ok
17:46:24.0437 6756 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:46:24.0487 6756 gpsvc - ok
17:46:24.0517 6756 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:46:24.0537 6756 gusvc - ok
17:46:24.0567 6756 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:46:24.0577 6756 hcw85cir - ok
17:46:24.0597 6756 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:46:24.0617 6756 HdAudAddService - ok
17:46:24.0647 6756 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:46:24.0667 6756 HDAudBus - ok
17:46:24.0687 6756 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:46:24.0697 6756 HidBatt - ok
17:46:24.0737 6756 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:46:24.0777 6756 HidBth - ok
17:46:24.0807 6756 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:46:24.0817 6756 HidIr - ok
17:46:24.0857 6756 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:46:24.0887 6756 hidserv - ok
17:46:24.0907 6756 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:46:24.0917 6756 HidUsb - ok
17:46:24.0967 6756 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:46:24.0997 6756 hkmsvc - ok
17:46:25.0047 6756 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:46:25.0067 6756 HomeGroupListener - ok
17:46:25.0097 6756 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:46:25.0137 6756 HomeGroupProvider - ok
17:46:25.0247 6756 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:46:25.0267 6756 HP Support Assistant Service - ok
17:46:25.0327 6756 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:46:25.0347 6756 HPClientSvc - ok
17:46:25.0457 6756 [ 02CE63D8DD5E6DD5CEFF336191C0859E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:46:25.0477 6756 HPDrvMntSvc.exe - ok
17:46:25.0647 6756 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:46:25.0667 6756 hpqcxs08 - ok
17:46:25.0687 6756 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:46:25.0697 6756 hpqddsvc - ok
17:46:25.0767 6756 [ E7C7829BA0395E48F8C8FE16B8832344 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:46:25.0807 6756 hpqwmiex - ok
17:46:25.0827 6756 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:46:25.0837 6756 HpSAMD - ok
17:46:25.0907 6756 [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:46:25.0927 6756 HPWMISVC - ok
17:46:25.0967 6756 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:46:26.0027 6756 HTTP - ok
17:46:26.0047 6756 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:46:26.0057 6756 hwpolicy - ok
17:46:26.0087 6756 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:46:26.0107 6756 i8042prt - ok
17:46:26.0147 6756 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:46:26.0167 6756 iaStorV - ok
17:46:26.0287 6756 [ 2C3CC41FEFCB77E2826886E6B7EF93AE ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:46:26.0337 6756 IconMan_R - ok
17:46:26.0427 6756 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows
|
|
18.10.2012, 16:53
| #36 |
| | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Part 2 Code:
ATTFilter Communication Foundation\infocard.exe
17:46:26.0457 6756 idsvc - ok
17:46:26.0477 6756 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:46:26.0497 6756 iirsp - ok
17:46:26.0547 6756 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:46:26.0597 6756 IKEEXT - ok
17:46:26.0627 6756 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:46:26.0647 6756 intelide - ok
17:46:26.0687 6756 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
17:46:26.0697 6756 intelppm - ok
17:46:26.0737 6756 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:46:26.0777 6756 IPBusEnum - ok
17:46:26.0787 6756 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:46:26.0827 6756 IpFilterDriver - ok
17:46:26.0887 6756 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:46:26.0937 6756 iphlpsvc - ok
17:46:26.0977 6756 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:46:26.0987 6756 IPMIDRV - ok
17:46:27.0007 6756 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:46:27.0047 6756 IPNAT - ok
17:46:27.0097 6756 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:46:27.0107 6756 IRENUM - ok
17:46:27.0137 6756 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:46:27.0147 6756 isapnp - ok
17:46:27.0197 6756 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:46:27.0217 6756 iScsiPrt - ok
17:46:27.0257 6756 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:46:27.0287 6756 kbdclass - ok
17:46:27.0307 6756 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:46:27.0317 6756 kbdhid - ok
17:46:27.0327 6756 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:46:27.0337 6756 KeyIso - ok
17:46:27.0417 6756 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:46:27.0447 6756 KSecDD - ok
17:46:27.0477 6756 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:46:27.0497 6756 KSecPkg - ok
17:46:27.0527 6756 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:46:27.0567 6756 ksthunk - ok
17:46:27.0617 6756 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:46:27.0677 6756 KtmRm - ok
17:46:27.0717 6756 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:46:27.0757 6756 LanmanServer - ok
17:46:27.0787 6756 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:46:27.0827 6756 LanmanWorkstation - ok
17:46:27.0857 6756 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:46:27.0897 6756 lltdio - ok
17:46:27.0917 6756 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:46:27.0967 6756 lltdsvc - ok
17:46:27.0977 6756 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:46:28.0017 6756 lmhosts - ok
17:46:28.0047 6756 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:46:28.0057 6756 LSI_FC - ok
17:46:28.0077 6756 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:46:28.0087 6756 LSI_SAS - ok
17:46:28.0137 6756 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:46:28.0147 6756 LSI_SAS2 - ok
17:46:28.0157 6756 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:46:28.0177 6756 LSI_SCSI - ok
17:46:28.0197 6756 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:46:28.0247 6756 luafv - ok
17:46:28.0287 6756 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:46:28.0297 6756 MBAMProtector - ok
17:46:28.0337 6756 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:46:28.0347 6756 MBAMScheduler - ok
17:46:28.0367 6756 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:46:28.0387 6756 MBAMService - ok
17:46:28.0447 6756 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:46:28.0467 6756 Mcx2Svc - ok
17:46:28.0497 6756 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:46:28.0517 6756 megasas - ok
17:46:28.0587 6756 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:46:28.0637 6756 MegaSR - ok
17:46:28.0707 6756 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:46:28.0767 6756 MMCSS - ok
17:46:28.0817 6756 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:46:28.0867 6756 Modem - ok
17:46:28.0907 6756 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:46:28.0917 6756 monitor - ok
17:46:28.0957 6756 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:46:28.0967 6756 mouclass - ok
17:46:29.0027 6756 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
17:46:29.0037 6756 mouhid - ok
17:46:29.0067 6756 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:46:29.0087 6756 mountmgr - ok
17:46:29.0137 6756 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:46:29.0167 6756 MozillaMaintenance - ok
17:46:29.0207 6756 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:46:29.0227 6756 mpio - ok
17:46:29.0247 6756 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:46:29.0287 6756 mpsdrv - ok
17:46:29.0317 6756 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:46:29.0367 6756 MpsSvc - ok
17:46:29.0407 6756 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:46:29.0427 6756 MRxDAV - ok
17:46:29.0477 6756 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:46:29.0497 6756 mrxsmb - ok
17:46:29.0547 6756 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:46:29.0567 6756 mrxsmb10 - ok
17:46:29.0607 6756 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:46:29.0637 6756 mrxsmb20 - ok
17:46:29.0677 6756 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:46:29.0697 6756 msahci - ok
17:46:29.0727 6756 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:46:29.0747 6756 msdsm - ok
17:46:29.0777 6756 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:46:29.0797 6756 MSDTC - ok
17:46:29.0837 6756 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:46:29.0877 6756 Msfs - ok
17:46:29.0897 6756 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:46:29.0937 6756 mshidkmdf - ok
17:46:29.0987 6756 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:46:30.0017 6756 msisadrv - ok
17:46:30.0057 6756 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:46:30.0097 6756 MSiSCSI - ok
17:46:30.0097 6756 msiserver - ok
17:46:30.0157 6756 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:46:30.0187 6756 MSKSSRV - ok
17:46:30.0207 6756 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:46:30.0247 6756 MSPCLOCK - ok
17:46:30.0257 6756 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:46:30.0297 6756 MSPQM - ok
17:46:30.0347 6756 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:46:30.0367 6756 MsRPC - ok
17:46:30.0407 6756 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:46:30.0417 6756 mssmbios - ok
17:46:30.0447 6756 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:46:30.0487 6756 MSTEE - ok
17:46:30.0507 6756 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:46:30.0517 6756 MTConfig - ok
17:46:30.0537 6756 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:46:30.0547 6756 Mup - ok
17:46:30.0617 6756 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:46:30.0687 6756 napagent - ok
17:46:30.0747 6756 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:46:30.0777 6756 NativeWifiP - ok
17:46:30.0927 6756 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:46:30.0967 6756 NDIS - ok
17:46:30.0987 6756 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:46:31.0027 6756 NdisCap - ok
17:46:31.0077 6756 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:46:31.0127 6756 NdisTapi - ok
17:46:31.0147 6756 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:46:31.0177 6756 Ndisuio - ok
17:46:31.0227 6756 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:46:31.0277 6756 NdisWan - ok
17:46:31.0457 6756 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:46:31.0507 6756 NDProxy - ok
17:46:31.0777 6756 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:46:31.0817 6756 NetBIOS - ok
17:46:31.0847 6756 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:46:31.0887 6756 NetBT - ok
17:46:31.0907 6756 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:46:31.0917 6756 Netlogon - ok
17:46:32.0007 6756 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:46:32.0067 6756 Netman - ok
17:46:32.0187 6756 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0217 6756 NetMsmqActivator - ok
17:46:32.0247 6756 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0267 6756 NetPipeActivator - ok
17:46:32.0397 6756 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:46:32.0467 6756 netprofm - ok
17:46:32.0507 6756 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0517 6756 NetTcpActivator - ok
17:46:32.0557 6756 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:32.0567 6756 NetTcpPortSharing - ok
17:46:32.0607 6756 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:46:32.0617 6756 nfrd960 - ok
17:46:32.0717 6756 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:46:32.0777 6756 NlaSvc - ok
17:46:32.0817 6756 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:46:32.0867 6756 Npfs - ok
17:46:32.0887 6756 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:46:32.0927 6756 nsi - ok
17:46:32.0947 6756 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:46:32.0987 6756 nsiproxy - ok
17:46:33.0097 6756 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:46:33.0147 6756 Ntfs - ok
17:46:33.0177 6756 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:46:33.0217 6756 Null - ok
17:46:33.0247 6756 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
17:46:33.0267 6756 NVENETFD - ok
17:46:33.0287 6756 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:46:33.0307 6756 nvraid - ok
17:46:33.0327 6756 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:46:33.0347 6756 nvstor - ok
17:46:33.0367 6756 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:46:33.0377 6756 nv_agp - ok
17:46:33.0427 6756 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:46:33.0447 6756 ohci1394 - ok
17:46:33.0487 6756 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:46:33.0507 6756 ose - ok
17:46:33.0767 6756 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:46:33.0867 6756 osppsvc - ok
17:46:33.0917 6756 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:46:33.0937 6756 p2pimsvc - ok
17:46:33.0967 6756 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:46:33.0987 6756 p2psvc - ok
17:46:34.0027 6756 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:46:34.0047 6756 Parport - ok
17:46:34.0077 6756 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:46:34.0087 6756 partmgr - ok
17:46:34.0137 6756 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:46:34.0157 6756 PcaSvc - ok
17:46:34.0217 6756 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:46:34.0227 6756 pci - ok
17:46:34.0267 6756 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:46:34.0277 6756 pciide - ok
17:46:34.0337 6756 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:46:34.0357 6756 pcmcia - ok
17:46:34.0397 6756 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:46:34.0407 6756 pcw - ok
17:46:34.0437 6756 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:46:34.0487 6756 PEAUTH - ok
17:46:34.0817 6756 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:46:34.0837 6756 PerfHost - ok
17:46:35.0037 6756 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:46:35.0117 6756 pla - ok
17:46:35.0157 6756 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:46:35.0197 6756 PlugPlay - ok
17:46:35.0227 6756 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:46:35.0237 6756 PNRPAutoReg - ok
17:46:35.0257 6756 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:46:35.0277 6756 PNRPsvc - ok
17:46:35.0337 6756 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:46:35.0397 6756 PolicyAgent - ok
17:46:35.0427 6756 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:46:35.0477 6756 Power - ok
17:46:35.0527 6756 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:46:35.0577 6756 PptpMiniport - ok
17:46:35.0627 6756 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:46:35.0637 6756 Processor - ok
17:46:35.0727 6756 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:46:35.0757 6756 ProfSvc - ok
17:46:35.0777 6756 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:46:35.0787 6756 ProtectedStorage - ok
17:46:35.0807 6756 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:46:35.0847 6756 Psched - ok
17:46:35.0927 6756 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:46:35.0977 6756 ql2300 - ok
17:46:36.0037 6756 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:46:36.0047 6756 ql40xx - ok
17:46:36.0077 6756 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:46:36.0097 6756 QWAVE - ok
17:46:36.0137 6756 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:46:36.0157 6756 QWAVEdrv - ok
17:46:36.0177 6756 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:46:36.0207 6756 RasAcd - ok
17:46:36.0257 6756 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:46:36.0297 6756 RasAgileVpn - ok
17:46:36.0317 6756 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:46:36.0367 6756 RasAuto - ok
17:46:36.0387 6756 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:46:36.0427 6756 Rasl2tp - ok
17:46:36.0467 6756 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:46:36.0507 6756 RasMan - ok
17:46:36.0537 6756 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:46:36.0577 6756 RasPppoe - ok
17:46:36.0617 6756 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:46:36.0657 6756 RasSstp - ok
17:46:36.0707 6756 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:46:36.0747 6756 rdbss - ok
17:46:36.0777 6756 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:46:36.0787 6756 rdpbus - ok
17:46:36.0817 6756 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:46:36.0857 6756 RDPCDD - ok
17:46:36.0897 6756 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:46:36.0937 6756 RDPENCDD - ok
17:46:36.0957 6756 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:46:36.0997 6756 RDPREFMP - ok
17:46:37.0037 6756 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:46:37.0057 6756 RDPWD - ok
17:46:37.0097 6756 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:46:37.0107 6756 rdyboost - ok
17:46:37.0157 6756 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:46:37.0197 6756 RemoteAccess - ok
17:46:37.0307 6756 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:46:37.0367 6756 RemoteRegistry - ok
17:46:37.0407 6756 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:46:37.0457 6756 RpcEptMapper - ok
17:46:37.0517 6756 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:46:37.0527 6756 RpcLocator - ok
17:46:37.0577 6756 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:46:37.0617 6756 RpcSs - ok
17:46:37.0687 6756 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
17:46:37.0707 6756 RSPCIESTOR - ok
17:46:37.0737 6756 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:46:37.0777 6756 rspndr - ok
17:46:37.0817 6756 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:46:37.0837 6756 RTL8167 - ok
17:46:37.0937 6756 [ 507B708A731DED6B992E3F664A93288B ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
17:46:37.0997 6756 RTL8192Ce - ok
17:46:38.0037 6756 [ 0031DD0C5D4446DA0A3E02617DC6D642 ] s1039bus C:\Windows\system32\DRIVERS\s1039bus.sys
17:46:38.0047 6756 s1039bus - ok
17:46:38.0087 6756 [ 98C7DBE2290D8CB0235E9528F6A1A53D ] s1039mdfl C:\Windows\system32\DRIVERS\s1039mdfl.sys
17:46:38.0097 6756 s1039mdfl - ok
17:46:38.0167 6756 [ 7EF052A067D862ECD2A2335914611074 ] s1039mdm C:\Windows\system32\DRIVERS\s1039mdm.sys
17:46:38.0197 6756 s1039mdm - ok
17:46:38.0257 6756 [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64 ] s1039mgmt C:\Windows\system32\DRIVERS\s1039mgmt.sys
17:46:38.0267 6756 s1039mgmt - ok
17:46:38.0297 6756 [ A0CF11BFFA41176CCD54E701CEB68921 ] s1039nd5 C:\Windows\system32\DRIVERS\s1039nd5.sys
17:46:38.0307 6756 s1039nd5 - ok
17:46:38.0317 6756 [ BD2DA968C5DCEF51BA8014FBAC7A0B6A ] s1039obex C:\Windows\system32\DRIVERS\s1039obex.sys
17:46:38.0337 6756 s1039obex - ok
17:46:38.0347 6756 [ 96B4051B65C1974258A8A33A03C0B082 ] s1039unic C:\Windows\system32\DRIVERS\s1039unic.sys
17:46:38.0367 6756 s1039unic - ok
17:46:38.0387 6756 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:46:38.0397 6756 SamSs - ok
17:46:38.0417 6756 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:46:38.0437 6756 sbp2port - ok
17:46:38.0467 6756 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:46:38.0507 6756 SCardSvr - ok
17:46:38.0537 6756 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:46:38.0577 6756 scfilter - ok
17:46:38.0627 6756 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:46:38.0677 6756 Schedule - ok
17:46:38.0717 6756 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:46:38.0747 6756 SCPolicySvc - ok
17:46:38.0777 6756 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:46:38.0797 6756 sdbus - ok
17:46:38.0827 6756 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:46:38.0837 6756 SDRSVC - ok
17:46:38.0877 6756 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:46:38.0907 6756 secdrv - ok
17:46:38.0927 6756 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:46:38.0967 6756 seclogon - ok
17:46:38.0987 6756 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:46:39.0027 6756 SENS - ok
17:46:39.0037 6756 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:46:39.0047 6756 SensrSvc - ok
17:46:39.0067 6756 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:46:39.0077 6756 Serenum - ok
17:46:39.0097 6756 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:46:39.0107 6756 Serial - ok
17:46:39.0147 6756 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:46:39.0157 6756 sermouse - ok
17:46:39.0197 6756 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:46:39.0237 6756 SessionEnv - ok
17:46:39.0257 6756 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:46:39.0267 6756 sffdisk - ok
17:46:39.0287 6756 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:46:39.0307 6756 sffp_mmc - ok
17:46:39.0337 6756 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:46:39.0357 6756 sffp_sd - ok
17:46:39.0387 6756 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:46:39.0397 6756 sfloppy - ok
17:46:39.0457 6756 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:46:39.0487 6756 Sftfs - ok
17:46:39.0537 6756 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:46:39.0577 6756 sftlist - ok
17:46:39.0597 6756 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:46:39.0617 6756 Sftplay - ok
17:46:39.0657 6756 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:46:39.0667 6756 Sftredir - ok
17:46:39.0687 6756 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:46:39.0697 6756 Sftvol - ok
17:46:39.0717 6756 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:46:39.0737 6756 sftvsa - ok
17:46:39.0767 6756 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:46:39.0817 6756 SharedAccess - ok
17:46:39.0857 6756 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:46:39.0907 6756 ShellHWDetection - ok
17:46:39.0937 6756 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:46:39.0947 6756 SiSRaid2 - ok
17:46:39.0987 6756 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:46:39.0997 6756 SiSRaid4 - ok
17:46:40.0027 6756 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:46:40.0067 6756 Smb - ok
17:46:40.0097 6756 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:46:40.0117 6756 SNMPTRAP - ok
17:46:40.0157 6756 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:46:40.0167 6756 spldr - ok
17:46:40.0217 6756 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:46:40.0237 6756 Spooler - ok
17:46:40.0367 6756 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:46:40.0457 6756 sppsvc - ok
17:46:40.0487 6756 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:46:40.0537 6756 sppuinotify - ok
17:46:40.0577 6756 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:46:40.0597 6756 srv - ok
17:46:40.0617 6756 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:46:40.0627 6756 srv2 - ok
17:46:40.0687 6756 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:46:40.0717 6756 SrvHsfHDA - ok
17:46:40.0787 6756 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:46:40.0827 6756 SrvHsfV92 - ok
17:46:40.0867 6756 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:46:40.0887 6756 SrvHsfWinac - ok
17:46:40.0907 6756 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:46:40.0927 6756 srvnet - ok
17:46:40.0967 6756 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:46:41.0007 6756 SSDPSRV - ok
17:46:41.0047 6756 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:46:41.0087 6756 SstpSvc - ok
17:46:41.0177 6756 [ 293A556E04F815477AE93E07B35065E6 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:46:41.0197 6756 STacSV - ok
17:46:41.0217 6756 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:46:41.0227 6756 stexstor - ok
17:46:41.0267 6756 [ AA3C0336514C239A171F00A6902B59B8 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
17:46:41.0287 6756 STHDA - ok
17:46:41.0337 6756 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:46:41.0357 6756 StillCam - ok
17:46:41.0427 6756 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:46:41.0467 6756 stisvc - ok
17:46:41.0527 6756 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:46:41.0547 6756 swenum - ok
17:46:41.0617 6756 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:46:41.0677 6756 swprv - ok
17:46:41.0747 6756 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:46:41.0777 6756 SynTP - ok
17:46:41.0897 6756 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:46:41.0937 6756 SysMain - ok
17:46:42.0007 6756 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:46:42.0037 6756 TabletInputService - ok
17:46:42.0107 6756 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:46:42.0167 6756 TapiSrv - ok
17:46:42.0227 6756 [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
17:46:42.0247 6756 tbhsd - ok
17:46:42.0307 6756 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:46:42.0347 6756 TBS - ok
17:46:42.0437 6756 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:46:42.0487 6756 Tcpip - ok
17:46:42.0567 6756 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:46:42.0617 6756 TCPIP6 - ok
17:46:42.0657 6756 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:46:42.0687 6756 tcpipreg - ok
17:46:42.0707 6756 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:46:42.0727 6756 TDPIPE - ok
17:46:42.0767 6756 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:46:42.0797 6756 TDTCP - ok
17:46:42.0857 6756 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:46:42.0917 6756 tdx - ok
17:46:42.0947 6756 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:46:42.0957 6756 TermDD - ok
17:46:43.0037 6756 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:46:43.0097 6756 TermService - ok
17:46:43.0137 6756 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:46:43.0167 6756 Themes - ok
17:46:43.0217 6756 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:46:43.0257 6756 THREADORDER - ok
17:46:43.0307 6756 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:46:43.0347 6756 TrkWks - ok
17:46:43.0427 6756 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:46:43.0477 6756 TrustedInstaller - ok
17:46:43.0527 6756 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:46:43.0577 6756 tssecsrv - ok
17:46:43.0597 6756 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:46:43.0607 6756 TsUsbFlt - ok
17:46:43.0657 6756 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:46:43.0687 6756 TsUsbGD - ok
17:46:43.0697 6756 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:46:43.0737 6756 tunnel - ok
17:46:43.0787 6756 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:46:43.0797 6756 uagp35 - ok
17:46:43.0837 6756 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:46:43.0877 6756 udfs - ok
17:46:43.0907 6756 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:46:43.0917 6756 UI0Detect - ok
17:46:43.0927 6756 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:46:43.0947 6756 uliagpkx - ok
17:46:43.0977 6756 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:46:43.0997 6756 umbus - ok
17:46:44.0007 6756 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:46:44.0017 6756 UmPass - ok
17:46:44.0057 6756 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:46:44.0107 6756 upnphost - ok
17:46:44.0147 6756 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:46:44.0157 6756 usbccgp - ok
17:46:44.0197 6756 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:46:44.0217 6756 usbcir - ok
17:46:44.0247 6756 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:46:44.0267 6756 usbehci - ok
17:46:44.0307 6756 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:46:44.0317 6756 usbfilter - ok
17:46:44.0347 6756 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:46:44.0367 6756 usbhub - ok
17:46:44.0417 6756 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:46:44.0427 6756 usbohci - ok
17:46:44.0457 6756 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:46:44.0477 6756 usbprint - ok
17:46:44.0547 6756 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:46:44.0557 6756 USBSTOR - ok
17:46:44.0597 6756 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:46:44.0617 6756 usbuhci - ok
17:46:44.0657 6756 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:46:44.0697 6756 usbvideo - ok
17:46:44.0737 6756 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
17:46:44.0757 6756 usb_rndisx - ok
17:46:44.0797 6756 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:46:44.0857 6756 UxSms - ok
17:46:44.0877 6756 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:46:44.0887 6756 VaultSvc - ok
17:46:44.0897 6756 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:46:44.0907 6756 vdrvroot - ok
17:46:44.0957 6756 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:46:45.0007 6756 vds - ok
17:46:45.0057 6756 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:46:45.0077 6756 vga - ok
17:46:45.0097 6756 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:46:45.0127 6756 VgaSave - ok
17:46:45.0167 6756 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:46:45.0187 6756 vhdmp - ok
17:46:45.0217 6756 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:46:45.0237 6756 viaide - ok
17:46:45.0257 6756 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:46:45.0277 6756 volmgr - ok
17:46:45.0327 6756 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:46:45.0347 6756 volmgrx - ok
17:46:45.0437 6756 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:46:45.0467 6756 volsnap - ok
17:46:45.0507 6756 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:46:45.0517 6756 vsmraid - ok
17:46:45.0597 6756 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:46:45.0657 6756 VSS - ok
17:46:45.0757 6756 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
17:46:45.0787 6756 vToolbarUpdater12.2.6 - ok
17:46:45.0857 6756 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
17:46:45.0897 6756 vToolbarUpdater13.2.0 - ok
17:46:45.0907 6756 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:46:45.0927 6756 vwifibus - ok
17:46:45.0967 6756 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:46:45.0987 6756 vwififlt - ok
17:46:46.0037 6756 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:46:46.0087 6756 W32Time - ok
17:46:46.0147 6756 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:46:46.0177 6756 WacomPen - ok
17:46:46.0207 6756 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:46:46.0247 6756 WANARP - ok
17:46:46.0257 6756 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:46:46.0297 6756 Wanarpv6 - ok
17:46:46.0387 6756 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:46:46.0417 6756 wbengine - ok
17:46:46.0447 6756 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:46:46.0467 6756 WbioSrvc - ok
17:46:46.0507 6756 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:46:46.0537 6756 wcncsvc - ok
17:46:46.0577 6756 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:46:46.0587 6756 WcsPlugInService - ok
17:46:46.0637 6756 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:46:46.0647 6756 Wd - ok
17:46:46.0697 6756 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:46:46.0717 6756 Wdf01000 - ok
17:46:46.0757 6756 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:46:46.0777 6756 WdiServiceHost - ok
17:46:46.0787 6756 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:46:46.0807 6756 WdiSystemHost - ok
17:46:46.0827 6756 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:46:46.0857 6756 WebClient - ok
17:46:46.0887 6756 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:46:46.0927 6756 Wecsvc - ok
17:46:46.0957 6756 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:46:47.0007 6756 wercplsupport - ok
17:46:47.0027 6756 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:46:47.0067 6756 WerSvc - ok
17:46:47.0077 6756 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:46:47.0117 6756 WfpLwf - ok
17:46:47.0137 6756 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:46:47.0147 6756 WIMMount - ok
17:46:47.0177 6756 WinDefend - ok
17:46:47.0177 6756 WinHttpAutoProxySvc - ok
17:46:47.0247 6756 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:46:47.0307 6756 Winmgmt - ok
17:46:47.0357 6756 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:46:47.0427 6756 WinRM - ok
17:46:47.0457 6756 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:46:47.0477 6756 WinUsb - ok
17:46:47.0507 6756 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:46:47.0537 6756 Wlansvc - ok
17:46:47.0567 6756 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:46:47.0597 6756 wlcrasvc - ok
17:46:47.0767 6756 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:46:47.0827 6756 wlidsvc - ok
17:46:47.0857 6756 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:46:47.0877 6756 WmiAcpi - ok
17:46:47.0947 6756 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:46:47.0967 6756 wmiApSrv - ok
17:46:48.0017 6756 WMPNetworkSvc - ok
17:46:48.0067 6756 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:46:48.0087 6756 WPCSvc - ok
17:46:48.0097 6756 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:46:48.0107 6756 WPDBusEnum - ok
17:46:48.0167 6756 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:46:48.0207 6756 ws2ifsl - ok
17:46:48.0237 6756 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:46:48.0257 6756 wscsvc - ok
17:46:48.0327 6756 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:46:48.0357 6756 WSDPrintDevice - ok
17:46:48.0367 6756 WSearch - ok
17:46:48.0527 6756 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:46:48.0587 6756 wuauserv - ok
17:46:48.0617 6756 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:46:48.0657 6756 WudfPf - ok
17:46:48.0677 6756 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:46:48.0717 6756 WUDFRd - ok
17:46:48.0757 6756 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:46:48.0797 6756 wudfsvc - ok
17:46:48.0847 6756 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
17:46:48.0877 6756 WwanSvc - ok
17:46:48.0897 6756 ================ Scan global ===============================
17:46:48.0917 6756 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:46:48.0977 6756 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:46:48.0987 6756 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:46:49.0037 6756 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:46:49.0087 6756 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:46:49.0087 6756 [Global] - ok
17:46:49.0087 6756 ================ Scan MBR ==================================
17:46:49.0107 6756 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:46:51.0537 6756 \Device\Harddisk0\DR0 - ok
17:46:51.0537 6756 ================ Scan VBR ==================================
17:46:51.0557 6756 [ 36CA5B3828452A54C26591083E50DAEA ] \Device\Harddisk0\DR0\Partition1
17:46:51.0577 6756 \Device\Harddisk0\DR0\Partition1 - ok
17:46:51.0587 6756 [ A31ECB611B7EB1CE3426DBE05B5C864E ] \Device\Harddisk0\DR0\Partition2
17:46:51.0627 6756 \Device\Harddisk0\DR0\Partition2 - ok
17:46:51.0657 6756 [ E8C8D218B33D85140C04804829E23F62 ] \Device\Harddisk0\DR0\Partition3
17:46:51.0707 6756 \Device\Harddisk0\DR0\Partition3 - ok
17:46:51.0747 6756 [ 7D1A8692A9F14A8006184433C8AE8FDC ] \Device\Harddisk0\DR0\Partition4
17:46:51.0787 6756 \Device\Harddisk0\DR0\Partition4 - ok
17:46:51.0797 6756 ============================================================
17:46:51.0797 6756 Scan finished
17:46:51.0797 6756 ============================================================
17:46:51.0817 6800 Detected object count: 0
17:46:51.0817 6800 Actual detected object count: 0
|
|
18.10.2012, 19:20
| #37 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2012, 21:02
| #38 |
| | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Log ComboFix Code:
ATTFilter ComboFix 12-10-18.03 - Natalie 18.10.2012 20:29:38.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.5611.3907 [GMT 2:00]
ausgeführt von:: c:\users\Natalie\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Natalie\AppData\Local\assembly\tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\UA000096.DLL
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-18 bis 2012-10-18 ))))))))))))))))))))))))))))))
.
.
2012-10-18 19:27 . 2012-10-18 19:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-17 21:16 . 2012-10-17 21:16 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-17 17:54 . 2012-10-17 17:55 -------- d-----w- c:\programdata\WinZip
2012-10-17 17:54 . 2012-10-17 17:54 -------- d-----w- c:\program files\WinZip
2012-10-17 17:52 . 2012-10-17 17:52 -------- d-----w- c:\users\Natalie\AppData\Local\AVG Secure Search
2012-10-17 17:52 . 2012-10-17 17:52 -------- d-----w- c:\programdata\AVG Secure Search
2012-10-17 17:52 . 2012-10-18 15:39 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-10-17 16:00 . 2012-10-17 16:00 -------- d-----w- C:\_OTL
2012-10-14 15:25 . 2012-10-14 15:25 -------- d-----w- c:\program files (x86)\ESET
2012-10-13 08:19 . 2012-10-13 08:19 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-10-13 08:17 . 2012-10-13 08:17 -------- d-----w- c:\users\Natalie\AppData\Roaming\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17 -------- d-----w- c:\programdata\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-13 08:17 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-12 18:39 . 2012-10-12 18:39 -------- d-----w- c:\users\Natalie\AppData\Local\Windows Live Writer
2012-10-12 18:39 . 2012-10-12 18:39 -------- d-----w- c:\users\Natalie\AppData\Roaming\Windows Live Writer
2012-10-10 17:32 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 17:32 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 17:32 . 2012-08-20 18:48 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-10 17:32 . 2012-08-20 18:48 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-10-10 17:32 . 2012-08-20 18:48 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-10-10 17:32 . 2012-08-20 18:46 338432 ----a-w- c:\windows\system32\conhost.exe
2012-10-07 14:31 . 2012-10-07 14:31 -------- d-----w- c:\users\Natalie\AppData\Local\Macromedia
2012-10-07 13:37 . 2012-10-07 13:37 -------- d-----w- c:\users\Natalie\AppData\Local\Mozilla
2012-10-07 13:36 . 2012-10-13 09:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-10-05 01:26 . 2012-10-05 01:26 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 10:32 . 2012-10-04 10:32 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-10-03 18:52 . 2012-10-03 18:52 -------- d-----w- c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers
2012-10-03 18:16 . 2012-10-03 18:16 -------- d-----w- C:\adobeTemp
2012-10-03 10:15 . 2012-10-03 10:15 -------- d-----w- c:\users\Natalie\AppData\Roaming\AVG2013
2012-10-03 10:12 . 2012-10-17 17:52 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-10-03 10:12 . 2012-10-17 17:52 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-10-03 10:10 . 2012-10-03 11:30 -------- d-----w- c:\programdata\AVG2013
2012-10-03 10:10 . 2012-10-03 10:10 -------- d-----w- C:\$AVG
2012-10-03 10:10 . 2012-10-03 10:10 -------- d-----w- c:\program files (x86)\AVG
2012-10-03 10:05 . 2012-10-18 15:44 -------- d-----w- c:\programdata\MFAData
2012-10-03 10:05 . 2012-10-03 10:19 -------- d-----w- c:\users\Natalie\AppData\Local\Avg2013
2012-10-03 10:05 . 2012-10-03 10:05 -------- d-----w- c:\users\Natalie\AppData\Local\MFAData
2012-10-02 23:59 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CCC41C60-73C5-4F3F-BFDC-65ADB8D210A4}\mpengine.dll
2012-10-02 01:30 . 2012-10-02 01:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-26 07:00 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-23 10:52 . 2012-09-23 10:52 -------- d-----w- c:\users\Natalie\AppData\Roaming\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:53 -------- d-----w- c:\programdata\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:52 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-09-23 10:52 . 2012-09-23 10:52 -------- d--h--w- c:\programdata\Common Files
2012-09-21 01:46 . 2012-09-21 01:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-09-21 01:46 . 2012-09-21 01:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys
2012-09-21 01:45 . 2012-09-21 01:45 61792 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-09-20 17:52 . 2012-09-20 17:52 -------- d-----w- c:\users\Natalie\AppData\Roaming\PlayFirst
2012-09-20 17:52 . 2012-09-20 17:52 -------- d-----w- c:\programdata\PlayFirst
2012-09-20 17:51 . 2012-09-20 17:52 -------- d-----w- c:\program files (x86)\Dream Chronicles - The Book of Air
2012-09-20 17:48 . 2012-09-20 17:48 -------- d-----w- c:\programdata\Big Fish Games
2012-09-20 17:48 . 2012-09-20 17:48 -------- d-----w- c:\program files (x86)\bfgclient
2012-09-20 17:46 . 2012-10-16 09:22 -------- d-----w- C:\BigFishGamesCache
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 23:48 . 2012-02-20 12:12 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 17:14 . 2012-03-30 02:44 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 17:14 . 2011-07-19 09:23 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 09:22 . 2012-07-10 11:50 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-09-21 09:22 . 2012-07-10 11:50 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-09-14 01:05 . 2012-09-14 01:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2012-09-13 01:11 . 2012-09-13 01:11 151904 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-08-31 09:23 . 2012-06-13 03:08 2295408 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-08-31 09:22 . 2012-06-13 03:08 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-22 18:12 . 2012-09-12 04:46 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 04:46 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 04:46 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 04:46 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 17:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 04:46 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 04:46 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-10-17 17:52 1792968 ----a-w- c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll" [2012-10-17 1792968]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Facebook Update"="c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-05 336384]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-27 168504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-10-10 3116152]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-10-17 993736]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-17 1020512]
.
c:\users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Natalie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-10-02 5783672]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Services for Windows; [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-02-15 13352]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-09-21 61792]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-09-13 151904]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-10-17 30568]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-06 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-05 365568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-02 193568]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-01-14 1751656]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-10-03 722528]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-10-17 711112]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-06 9359872]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-06 309760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-05-18 1145448]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 63435553
*Deregistered* - 63435553
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:14]
.
2012-10-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001Core.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001UA.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-12 c:\windows\Tasks\HPCeeScheduleForNatalie.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-17 525312]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-06-27 42808]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - 87.98.136.60
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-10 21:12; stealthyextension@gmail.com; c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\extensions\stealthyextension@gmail.com.xpi
FF - ExtSQL: 2012-10-17 19:52; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.1
FF - ExtSQL: !HIDDEN! 2012-02-16 10:23; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
SafeBoot-65921644.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-loadtbs-2.1 - c:\users\Natalie\AppData\Roaming\loadtbs\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}\bm_installer.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cur"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.erf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-18 21:59:53
ComboFix-quarantined-files.txt 2012-10-18 19:59
.
Vor Suchlauf: 12 Verzeichnis(se), 364.693.229.568 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 364.565.950.464 Bytes frei
.
- - End Of File - - 9488C3C6C8BDDE6681DBD75AC042A686
|
|
18.10.2012, 21:16
| #39 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2012, 22:27
| #40 |
| | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Log GMER Code:
ATTFilter ComboFix 12-10-18.03 - Natalie 18.10.2012 20:29:38.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.5611.3907 [GMT 2:00]
ausgeführt von:: c:\users\Natalie\Downloads\ComboFix.exe
AV: AVG Anti-Virus 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Natalie\AppData\Local\assembly\tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\UA000096.DLL
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-18 bis 2012-10-18 ))))))))))))))))))))))))))))))
.
.
2012-10-18 19:27 . 2012-10-18 19:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-17 21:16 . 2012-10-17 21:16 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-17 17:54 . 2012-10-17 17:55 -------- d-----w- c:\programdata\WinZip
2012-10-17 17:54 . 2012-10-17 17:54 -------- d-----w- c:\program files\WinZip
2012-10-17 17:52 . 2012-10-17 17:52 -------- d-----w- c:\users\Natalie\AppData\Local\AVG Secure Search
2012-10-17 17:52 . 2012-10-17 17:52 -------- d-----w- c:\programdata\AVG Secure Search
2012-10-17 17:52 . 2012-10-18 15:39 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-10-17 16:00 . 2012-10-17 16:00 -------- d-----w- C:\_OTL
2012-10-14 15:25 . 2012-10-14 15:25 -------- d-----w- c:\program files (x86)\ESET
2012-10-13 08:19 . 2012-10-13 08:19 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-10-13 08:17 . 2012-10-13 08:17 -------- d-----w- c:\users\Natalie\AppData\Roaming\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17 -------- d-----w- c:\programdata\Malwarebytes
2012-10-13 08:17 . 2012-10-13 08:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-13 08:17 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-12 18:39 . 2012-10-12 18:39 -------- d-----w- c:\users\Natalie\AppData\Local\Windows Live Writer
2012-10-12 18:39 . 2012-10-12 18:39 -------- d-----w- c:\users\Natalie\AppData\Roaming\Windows Live Writer
2012-10-10 17:32 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 17:32 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 17:32 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 17:32 . 2012-08-20 18:48 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-10 17:32 . 2012-08-20 18:48 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-10-10 17:32 . 2012-08-20 18:48 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-10-10 17:32 . 2012-08-20 18:46 338432 ----a-w- c:\windows\system32\conhost.exe
2012-10-07 14:31 . 2012-10-07 14:31 -------- d-----w- c:\users\Natalie\AppData\Local\Macromedia
2012-10-07 13:37 . 2012-10-07 13:37 -------- d-----w- c:\users\Natalie\AppData\Local\Mozilla
2012-10-07 13:36 . 2012-10-13 09:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-10-05 01:26 . 2012-10-05 01:26 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-04 10:32 . 2012-10-04 10:32 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-10-03 18:52 . 2012-10-03 18:52 -------- d-----w- c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers
2012-10-03 18:16 . 2012-10-03 18:16 -------- d-----w- C:\adobeTemp
2012-10-03 10:15 . 2012-10-03 10:15 -------- d-----w- c:\users\Natalie\AppData\Roaming\AVG2013
2012-10-03 10:12 . 2012-10-17 17:52 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-10-03 10:12 . 2012-10-17 17:52 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-10-03 10:10 . 2012-10-03 11:30 -------- d-----w- c:\programdata\AVG2013
2012-10-03 10:10 . 2012-10-03 10:10 -------- d-----w- C:\$AVG
2012-10-03 10:10 . 2012-10-03 10:10 -------- d-----w- c:\program files (x86)\AVG
2012-10-03 10:05 . 2012-10-18 15:44 -------- d-----w- c:\programdata\MFAData
2012-10-03 10:05 . 2012-10-03 10:19 -------- d-----w- c:\users\Natalie\AppData\Local\Avg2013
2012-10-03 10:05 . 2012-10-03 10:05 -------- d-----w- c:\users\Natalie\AppData\Local\MFAData
2012-10-02 23:59 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CCC41C60-73C5-4F3F-BFDC-65ADB8D210A4}\mpengine.dll
2012-10-02 01:30 . 2012-10-02 01:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-26 07:00 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-23 10:52 . 2012-09-23 10:52 -------- d-----w- c:\users\Natalie\AppData\Roaming\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:53 -------- d-----w- c:\programdata\TuneUp Software
2012-09-23 10:52 . 2012-09-23 10:52 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-09-23 10:52 . 2012-09-23 10:52 -------- d--h--w- c:\programdata\Common Files
2012-09-21 01:46 . 2012-09-21 01:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-09-21 01:46 . 2012-09-21 01:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys
2012-09-21 01:45 . 2012-09-21 01:45 61792 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-09-20 17:52 . 2012-09-20 17:52 -------- d-----w- c:\users\Natalie\AppData\Roaming\PlayFirst
2012-09-20 17:52 . 2012-09-20 17:52 -------- d-----w- c:\programdata\PlayFirst
2012-09-20 17:51 . 2012-09-20 17:52 -------- d-----w- c:\program files (x86)\Dream Chronicles - The Book of Air
2012-09-20 17:48 . 2012-09-20 17:48 -------- d-----w- c:\programdata\Big Fish Games
2012-09-20 17:48 . 2012-09-20 17:48 -------- d-----w- c:\program files (x86)\bfgclient
2012-09-20 17:46 . 2012-10-16 09:22 -------- d-----w- C:\BigFishGamesCache
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 23:48 . 2012-02-20 12:12 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 17:14 . 2012-03-30 02:44 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 17:14 . 2011-07-19 09:23 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 09:22 . 2012-07-10 11:50 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-09-21 09:22 . 2012-07-10 11:50 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-09-14 01:05 . 2012-09-14 01:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2012-09-13 01:11 . 2012-09-13 01:11 151904 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-08-31 09:23 . 2012-06-13 03:08 2295408 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-08-31 09:22 . 2012-06-13 03:08 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-22 18:12 . 2012-09-12 04:46 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 04:46 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 04:46 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 04:46 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:38 . 2012-10-10 17:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 04:46 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 04:46 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-10-17 17:52 1792968 ----a-w- c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll" [2012-10-17 1792968]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Facebook Update"="c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-05 336384]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-27 168504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-06-13 336440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-10-10 3116152]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-10-17 993736]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-17 1020512]
.
c:\users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Natalie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-10-02 5783672]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Services for Windows; [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-02-15 13352]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-13 115168]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-09-21 61792]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-09-13 151904]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-10-17 30568]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-06 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-05 365568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-02 193568]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-01-14 1751656]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-10-03 722528]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-10-17 711112]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-06 9359872]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-06 309760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-13 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-05-18 1145448]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 63435553
*Deregistered* - 63435553
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:14]
.
2012-10-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001Core.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001UA.job
- c:\users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-13 15:16]
.
2012-10-12 c:\windows\Tasks\HPCeeScheduleForNatalie.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-17 525312]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-06-27 42808]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Natalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - 87.98.136.60
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-10 21:12; stealthyextension@gmail.com; c:\users\Natalie\AppData\Roaming\Mozilla\Firefox\Profiles\ivcvr686.default\extensions\stealthyextension@gmail.com.xpi
FF - ExtSQL: 2012-10-17 19:52; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.1
FF - ExtSQL: !HIDDEN! 2012-02-16 10:23; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
SafeBoot-65921644.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-loadtbs-2.1 - c:\users\Natalie\AppData\Roaming\loadtbs\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}\bm_installer.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cur"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.erf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.raw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3753796688-2580414821-3746615019-1001)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttc"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3753796688-2580414821-3746615019-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-18 21:59:53
ComboFix-quarantined-files.txt 2012-10-18 19:59
.
Vor Suchlauf: 12 Verzeichnis(se), 364.693.229.568 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 364.565.950.464 Bytes frei
.
- - End Of File - - 9488C3C6C8BDDE6681DBD75AC042A686
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 23:25:10 on 18.10.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 16.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "HPCeeScheduleForNatalie.job" - "Hewlett-Packard" - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe "FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001Core.job" - "Facebook Inc." - C:\Users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe "FacebookUpdateTaskUserS-1-5-21-3753796688-2580414821-3746615019-1001UA.job" - "Facebook Inc." - C:\Users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AVG Anti-Rootkit Driver" (Avgrkx64) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgrkx64.sys "AVG AVI Loader Driver" (Avgldx64) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgldx64.sys "AVG Logging Driver" (Avgloga) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgloga.sys "AVG Mini-Filter Resident Anti-Virus Shield" (Avgmfx64) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgmfx64.sys "AVG TDI Driver" (Avgtdia) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgtdia.sys "AVGIDSDriver" (AVGIDSDriver) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\avgidsdrivera.sys "AVGIDSHA" (AVGIDSHA) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\avgidsha.sys "avgtp" (avgtp) - "AVG Technologies" - C:\Windows\system32\drivers\avgtpx64.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys "Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys "Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys "Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {20C75730-7C25-476B-95DC-C65810F9E489} "XMLMimeFilterPP Class" - "Advanced Micro Devices" - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll {20C75730-7C25-476B-95DC-C65810F9E489} "XMLMimeFilterPP Class" - "Advanced Micro Devices" - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {B658800C-F66E-4EF3-AB85-6C0C227862A9} "ViProtocolOLE Class" - ? - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {9F97547E-460A-42C5-AE0C-81C61FFAEBC3} "AVG Find Extension" - ? - (File not found | COM-object registry key not found) {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} "AVG Shell Extension Class" - "AVG Technologies CZ, s.r.o." - C:\Program Files (x86)\AVG\AVG2013\avgse.dll {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll "ICQ7.7" - "ICQ, LLC." - C:\Program Files (x86)\ICQ7.7\ICQ.exe -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "AVG Security Toolbar" - ? - C:\Program Files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {95B7759C-8C7F-4BF1-B163-73684A933233} "AVG Security Toolbar" - ? - C:\Program Files (x86)\AVG Secure Search\13.2.0.1\AVG Secure Search_toolbar.dll {0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Facebook Messenger.lnk" - "Facebook" - C:\Users\Natalie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Facebook Update" - "Facebook Inc." - "C:\Users\Natalie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "AVG_UI" - "AVG Technologies CZ, s.r.o." - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY "HP Quick Launch" - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe "HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe "HPOSD" - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe "HPQuickWebProxy" - "Hewlett-Packard Company" - "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" "ROC_roc_ssl_v12" - ? - "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "vProt" - ? - "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "WinampAgent" - "Nullsoft, Inc." - "C:\Program Files (x86)\Winamp\winampa.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "AMD FUEL Service" (AMD FUEL Service) - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe "Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe "Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe "AVG WatchDog" (avgwd) - "AVG Technologies CZ, s.r.o." - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe "AVGIDSAgent" (AVGIDSAgent) - "AVG Technologies CZ, s.r.o." - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe "Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE "Easybits Services for Windows" (ezSharedSvc) - ? - C:\Windows\system32\drivers\ezSharedSvc.sys (File not found) "GamesAppService" (GamesAppService) - "WildTangent, Inc." - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe "Google Updater Service" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe "HP Client Services" (HPClientSvc) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll "HP Quick Synchronization Service" (HPDrvMntSvc.exe) - "Hewlett-Packard Company" - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe "HP Software Framework Service" (hpqwmiex) - "Hewlett-Packard Company" - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe "HP Support Assistant Service" (HP Support Assistant Service) - "Hewlett-Packard Company" - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll "HPWMISVC" (HPWMISVC) - "Hewlett-Packard Development Company, L.P." - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe "IconMan_R" (IconMan_R) - "Realsil Microelectronics Inc." - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "vToolbarUpdater12.2.6" (vToolbarUpdater12.2.6) - ? - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe "vToolbarUpdater13.2.0" (vToolbarUpdater13.2.0) - ? - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-18 23:28:40
-----------------------------
23:28:40.635 OS Version: Windows x64 6.1.7601 Service Pack 1
23:28:40.635 Number of processors: 2 586 0x100
23:28:40.635 ComputerName: NATALIE-HP UserName: Natalie
23:28:42.275 Initialize success
23:31:24.886 AVAST engine defs: 12101801
23:32:16.416 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
23:32:16.426 Disk 0 Vendor: TOSHIBA_ GS00 Size: 610480MB BusType: 11
23:32:16.446 Disk 0 MBR read successfully
23:32:16.446 Disk 0 MBR scan
23:32:16.466 Disk 0 Windows 7 default MBR code
23:32:16.486 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
23:32:16.506 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 590129 MB offset 409600
23:32:16.536 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16087 MB offset 1208993792
23:32:16.556 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 1241939968
23:32:16.606 Disk 0 scanning C:\Windows\system32\drivers
23:32:28.096 Service scanning
23:33:05.666 Modules scanning
23:33:05.676 Disk 0 trace - called modules:
23:33:05.736 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
23:33:05.746 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f82060]
23:33:05.756 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8005c2aa30]
23:33:05.766 5 amd_xata.sys[fffff8800115da1d] -> nt!IofCallDriver -> [0xfffffa8005c25160]
23:33:05.776 7 ACPI.sys[fffff88000ef87a1] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa8005c269c0]
23:33:07.276 AVAST engine scan C:\Windows
23:33:11.236 AVAST engine scan C:\Windows\system32
23:36:22.076 AVAST engine scan C:\Windows\system32\drivers
23:36:39.446 AVAST engine scan C:\Users\Natalie
23:51:16.428 AVAST engine scan C:\ProgramData
23:55:55.409 Scan finished successfully
23:57:20.609 Disk 0 MBR has been saved successfully to "C:\Users\Natalie\Desktop\MBR.dat"
23:57:20.609 The log file has been saved successfully to "C:\Users\Natalie\Desktop\aswMBR.txt"
|
|
19.10.2012, 09:56
| #41 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Du hast kein GMER-Log gepostet, das war nochmal das von combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.10.2012, 11:43
| #43 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.10.2012, 08:14
| #44 |
| | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe Malware Log Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.19.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Natalie :: NATALIE-HP [Administrator] Schutz: Deaktiviert 19.10.2012 15:27:40 mbam-log-2012-10-19 (15-27-40).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 363604 Laufzeit: 47 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) SuperAntiSpyware Log Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/19/2012 at 07:35 PM
Application Version : 5.6.1012
Core Rules Database Version : 9437
Trace Rules Database Version: 7249
Scan type : Complete Scan
Total Scan Time : 02:06:34
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 784
Memory threats detected : 0
Registry items scanned : 71680
Registry threats detected : 0
File items scanned : 161632
File threats detected : 480
Adware.Tracking Cookie
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\O35NGEKK.txt [ /ero-advertising.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\U0J9RGBM.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\SSOFC13Z.txt [ /ad.yieldmanager.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PH44KT8J.txt [ /ads.creative-serving.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XH1I9RKB.txt [ /tracking.quisma.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\FUYYR6KR.txt [ /a.revenuemax.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XRACA2PE.txt [ /clicksor.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\POIB1WJR.txt [ /www.etracker.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LL83ABOQ.txt [ /2o7.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\AKO57PXS.txt [ /banners.victor.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\BV9FPIKK.txt [ /de.partypoker.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QGYE8DPA.txt [ /www.googleadservices.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QFJ5JGX4.txt [ /im.banner.t-online.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\G7YHYR14.txt [ /tracking.mindshare.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\CMEEIFDY.txt [ /ww251.smartadserver.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LFKI0ZL8.txt [ /track.effiliation.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PPJEDAJ1.txt [ /ad.ad-srv.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LJ8N3OPI.txt [ /gostats.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\4L5QAK1Q.txt [ /ad.dyntracker.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\DZ011Y30.txt [ /www.googleadservices.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\M512RG1U.txt [ /adxpose.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\ZNC089FI.txt [ /casalemedia.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\8UUFEN6T.txt [ /webmasterplan.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9Z5D1X2L.txt [ /bwincom.122.2o7.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\6MZ8BAHZ.txt [ /imrworldwide.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\R2QWDW27.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3KY15D4P.txt [ /stat.ed.cupidplc.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\E8NSNKVT.txt [ /rts.pgmediaserve.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\MGN85WJY.txt [ /amazon-adsystem.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\CX66I3LK.txt [ /tomtailor.dyntracker.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YA9UTJ9F.txt [ /tracker.vinsight.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5BY4RVUA.txt [ /eas.apm.emediate.eu ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3PK125CW.txt [ /track.adform.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XO95OUH3.txt [ /www.mmtracking.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TJLYQRQ9.txt [ /wmedia.rotator.hadj7.adjuggler.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\INMUVG0O.txt [ /de.sitestat.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\JUT51UAR.txt [ /aa.adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\GIHIZEQL.txt [ /ads.onvertise.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\Y4DV1OQR.txt [ /serving-sys.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\EFTA8JD7.txt [ /ad.360yield.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TE8AN8P1.txt [ /xiti.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5JZ9TZXE.txt [ /ads.247activemedia.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YV3ME9U8.txt [ /mediaplex.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\IWPKKYAF.txt [ /unitymedia.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\1FS94ANO.txt [ /revsci.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\LYX1XKUN.txt [ /adbrite.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XDXSMHC3.txt [ /adtech.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YL08J1IB.txt [ /partypoker.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9ZWLDZE8.txt [ /accounts.youtube.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\FGFQ1ED0.txt [ /fastclick.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YPF5B76I.txt [ /histats.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\KGK9R087.txt [ /statcounter.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\Y5C8UO6L.txt [ /ads.lzjl.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QOWGG3CF.txt [ /track.effiliation.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\FVC7QYEY.txt [ /mmotraffic.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\R7XSDLRG.txt [ /adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\JXIP60K2.txt [ /aim4media.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\KC2VIZGT.txt [ /zbox.zanox.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\UUYA5MRG.txt [ /smartadserver.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9GBLF82L.txt [ /tracking.kissmyads.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\1GVF442K.txt [ /ad3.adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YOUFUTH0.txt [ /7.rotator.trafficbee.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\J1R6FIYQ.txt [ /doubleclick.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QDO6CQ9Q.txt [ /ad.zanox.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\UQH74IMN.txt [ /specificclick.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\CV727O41.txt [ /apmebf.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\13W7FTBS.txt [ /ad.adnet.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\J5Y1BL35.txt [ /bdsm28.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PHLNJGU6.txt [ /ad4.adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\E84PA8CS.txt [ /questionmarket.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\KRVLQA0W.txt [ /adform.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\GVAU6GNC.txt [ /liveperson.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\M0FL4H6L.txt [ /bs.serving-sys.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\B5T71GQ2.txt [ /www.googleadservices.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\XSBO4MI3.txt [ /ads.crakmedia.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\GSJTI6U2.txt [ /clickfuse.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\K1Q6EJC6.txt [ /ads.adk2.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\PCHFSWH3.txt [ /www.zanox-affiliate.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\MQQ04O9W.txt [ /www.googleadservices.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\0T87U07Q.txt [ /c.atdmt.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\STIZ53J3.txt [ /zanox-affiliate.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\D27ZF4Q2.txt [ /tradedoubler.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\NMUPR527.txt [ /yieldmanager.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5UIKG83Y.txt [ /myroitracking.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\W1UWQ8S4.txt [ /7.rotator.wigetmedia.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\ASQ63AQK.txt [ /ad-emea.doubleclick.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\F1WNKG3S.txt [ /media6degrees.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\C9PCRY8H.txt [ /atdmt.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\S0IJ8806.txt [ /zedo.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\2P0II1LJ.txt [ /statse.webtrendslive.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\5SJ47PSX.txt [ /unister-adservices.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\6ER4HVM8.txt [ /tribalfusion.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\U0RH69EH.txt [ /eas4.emediate.eu ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\7KB0AAIX.txt [ /invitemedia.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\4S36C5Z5.txt [ /accounts.google.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\BH9UC9ES.txt [ /ad.ics-int.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\BG674UQ5.txt [ /adserver3.oberberg.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\RFN6XFHX.txt [ /zanox.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3ZV7ITRR.txt [ /movieclipscom.122.2o7.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\HP6PKXVS.txt [ /ru4.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\IZ0E84TR.txt [ /traffictrack.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\135FT992.txt [ /studivz.adfarm1.adition.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\RYEDEYZ5.txt [ /pro-market.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\OT4ECVL2.txt [ /ads.immobilienscout24.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\RR0T43PT.txt [ /stat.easydate.biz ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\YX6SEKVD.txt [ /ads.advrtice.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\QMPCE6X1.txt [ /countomat.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\JLUCE5OE.txt [ /geoadserving.coffeetree.info ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\27RCY0JN.txt [ /mm.chitika.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\DJSRZRQ4.txt [ /adx.chip.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\3RORMRCW.txt [ /ads.pubmatic.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\R9NS695F.txt [ /tracking.mlsat02.de ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TRD51QJE.txt [ /ads.glispa.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\TT0RQ0IX.txt [ /guj.122.2o7.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\WSTNXQ54.txt [ /avgtechnologies.112.2o7.net ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\9O9KF60O.txt [ /advertising.com ]
C:\Users\Natalie\AppData\Roaming\Microsoft\Windows\Cookies\18YRPKYS.txt [ /viewad.exchangecash.de ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\AQ5BAQHP.txt [ Cookie:natalie@eu.battle.net/account ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\6Y0M524H.txt [ Cookie:natalie@ubesttorrent2011.com/tracking/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\013L1WOG.txt [ Cookie:natalie@google.com/accounts/recovery/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZBGGGH4L.txt [ Cookie:natalie@at.atwola.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IAGYBD0G.txt [ Cookie:natalie@ad.yieldmanager.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9RKJIZR3.txt [ Cookie:natalie@a.revenuemax.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PZVC0KHR.txt [ Cookie:natalie@tracking.quisma.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5VRTHJ07.txt [ Cookie:natalie@gostats.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZYB2H5KF.txt [ Cookie:natalie@www.etracker.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3VJDU7UY.txt [ Cookie:natalie@lucidmedia.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KO8WOLDX.txt [ Cookie:natalie@track.effiliation.com/servlet/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6XT2TPZZ.txt [ Cookie:natalie@gostats.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SYFJNJ1L.txt [ Cookie:natalie@hightraffic.hugoboss.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MFLJBX2G.txt [ Cookie:natalie@ad.dyntracker.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CN50OXS7.txt [ Cookie:natalie@webmasterplan.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\J8TN8EP2.txt [ Cookie:natalie@bwincom.122.2o7.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWLVO8DP.txt [ Cookie:natalie@imrworldwide.com/cgi-bin ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6061FEK4.txt [ Cookie:natalie@account.betfair.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V1N5HHKX.txt [ Cookie:natalie@ad1.adfarm1.adition.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V2G96X74.txt [ Cookie:natalie@rts.pgmediaserve.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\OP5FDQHM.txt [ Cookie:natalie@content.yieldmanager.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G2UKG8U4.txt [ Cookie:natalie@eas.apm.emediate.eu/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QNDGPU2J.txt [ Cookie:natalie@serving-sys.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NV512FEK.txt [ Cookie:natalie@labelfinder.glamour.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PF25HAMZ.txt [ Cookie:natalie@uk.sitestat.com/ladbrokes/sports/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DE9H4BWH.txt [ Cookie:natalie@unitymedia.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YPF2HN09.txt [ Cookie:natalie@revsci.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2P60328D.txt [ Cookie:natalie@adbrite.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\T33ZD5DD.txt [ Cookie:natalie@a.trackfox2.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YFZ2W5E4.txt [ Cookie:natalie@adtech.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\natalie@accounts.youtube[1].txt [ Cookie:natalie@accounts.youtube.com/accounts ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7FJJOH0J.txt [ Cookie:natalie@statcounter.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2X32UK4K.txt [ Cookie:natalie@fastclick.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YO7J7WMQ.txt [ Cookie:natalie@mmotraffic.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8QKW9NMR.txt [ Cookie:natalie@adfarm1.adition.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\OM9O1ZT6.txt [ Cookie:natalie@counter2.sexmoney.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XW728BKC.txt [ Cookie:natalie@doubleclick.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\E5EL0QDF.txt [ Cookie:natalie@bdsm28.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\B7SS5LF6.txt [ Cookie:natalie@apmebf.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5BA1WZCD.txt [ Cookie:natalie@ad4.adfarm1.adition.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RER899DX.txt [ Cookie:natalie@questionmarket.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\99KB99P9.txt [ Cookie:natalie@bs.serving-sys.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZKW80K4.txt [ Cookie:natalie@adform.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\D9AUUUVH.txt [ Cookie:natalie@liveperson.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0W6SF145.txt [ Cookie:natalie@adserver.adtechus.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\I03VCJH1.txt [ Cookie:natalie@zanox-affiliate.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K3NBR4O6.txt [ Cookie:natalie@tradedoubler.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VJANSN01.txt [ Cookie:natalie@advertstream.com/a ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\U9AONJYV.txt [ Cookie:natalie@myroitracking.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YNWSGZUE.txt [ Cookie:natalie@7.rotator.wigetmedia.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\73ZWMH4C.txt [ Cookie:natalie@media6degrees.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\A5SPV3E8.txt [ Cookie:natalie@atdmt.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EKD9CSCJ.txt [ Cookie:natalie@zedo.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NQ4XCM97.txt [ Cookie:natalie@eas4.emediate.eu/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8NDUS0KI.txt [ Cookie:natalie@accounts.google.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TQIEXSG5.txt [ Cookie:natalie@adserver3.oberberg.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGATCBB6.txt [ Cookie:natalie@mediatraffic.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K1H2VKM2.txt [ Cookie:natalie@8tracks.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\93ZJ9HXU.txt [ Cookie:natalie@server.cpmstar.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G7VV3K6M.txt [ Cookie:natalie@adserver.twitpic.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\T3LNCG73.txt [ Cookie:natalie@adxpose.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ODME6QU.txt [ Cookie:natalie@edates.traffective-tracking.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DNJR8SF.txt [ Cookie:natalie@clkads.com/adServe ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\A7GGE7Y2.txt [ Cookie:natalie@sexkontakt.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y1BNT32Q.txt [ Cookie:natalie@www.adserving.pixfuture.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GTVKXOYX.txt [ Cookie:natalie@tomtailor.dyntracker.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BIKIF7QF.txt [ Cookie:natalie@track.adform.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZCKPZ1SV.txt [ Cookie:natalie@track.senzapudore.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7104WHAS.txt [ Cookie:natalie@studivz.adfarm1.adition.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\274MOYUX.txt [ Cookie:natalie@mywebstats.it/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9ZOHOCTY.txt [ Cookie:natalie@farm1.netxmedia.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JYZRYYCM.txt [ Cookie:natalie@tracking.affiliaxe.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZRI72NE.txt [ Cookie:natalie@bestoffersmedia.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\75QQ8Z6M.txt [ Cookie:natalie@www.sexkontakt.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RPSIDI6H.txt [ Cookie:natalie@interclick.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\R738HMXD.txt [ Cookie:natalie@partypoker.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HOP9JZFL.txt [ Cookie:natalie@histats.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\860N4SS0.txt [ Cookie:natalie@ads2.medianord.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\648EGB6A.txt [ Cookie:natalie@adlegend.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TR8Q1W52.txt [ Cookie:natalie@stat.easydate.biz/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\V0OR21F0.txt [ Cookie:natalie@smartadserver.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7BT18V7Y.txt [ Cookie:natalie@server.adform.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7M8WZOYF.txt [ Cookie:natalie@e2.emediate.se/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UEKQZQU4.txt [ Cookie:natalie@counter.sexsuche.tv/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\86OWDGT1.txt [ Cookie:natalie@adx.chip.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQ8Z7J14.txt [ Cookie:natalie@specificclick.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G89F8Q6Y.txt [ Cookie:natalie@ad.adnet.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UGYXY8ZF.txt [ Cookie:natalie@clickbank.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\I2Z4NJKO.txt [ Cookie:natalie@adserver.innovalue.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VLOO905L.txt [ Cookie:natalie@www.media970.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BO2HFMXS.txt [ Cookie:natalie@statsadv.dadapro.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LWRZ9C1W.txt [ Cookie:natalie@s2.netxmedia.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FVYQ2DR8.txt [ Cookie:natalie@c.atdmt.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDODW44C.txt [ Cookie:natalie@adnetwork.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YYNKER3Q.txt [ Cookie:natalie@yieldmanager.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DMKA008.txt [ Cookie:natalie@loads7.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\20WS5WFM.txt [ Cookie:natalie@pornme.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PQPPV3R.txt [ Cookie:natalie@mediadealr.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7ZLHJD9E.txt [ Cookie:natalie@de.sitestat.com/ndr/ndr/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KXOFNPFQ.txt [ Cookie:natalie@unister-adservices.com/campaign/conversion/22 ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YG458L3A.txt [ Cookie:natalie@advertising.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4T6LX5LL.txt [ Cookie:natalie@traffic.brokerbabe.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GGT2UXRT.txt [ Cookie:natalie@www.hdpornmobile.xxx/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5KUC7BFM.txt [ Cookie:natalie@www.123-counter.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PAU3FIRZ.txt [ Cookie:natalie@viewad.exchangecash.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1EKS3G31.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1053503741/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1TKO3IUB.txt [ Cookie:natalie@2o7.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1SVOD0D6.txt [ Cookie:natalie@de.partypoker.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8VPJ0ZTN.txt [ Cookie:natalie@ww251.smartadserver.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GX23X7B0.txt [ Cookie:natalie@in.mydirtyhobby.com/track/xCkSAGAU/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LHEQQ0PD.txt [ Cookie:natalie@tracking.dc-storm.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FFTPUM7O.txt [ Cookie:natalie@fidelity.rotator.hadj7.adjuggler.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VCS972CH.txt [ Cookie:natalie@tracker.vinsight.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6WC8BS6P.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1060365111/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AX8WHSBO.txt [ Cookie:natalie@www.moviepilot.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\S08OU73M.txt [ Cookie:natalie@urbia.wwe-media.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\INIBML8Y.txt [ Cookie:natalie@microsoftsto.112.2o7.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RYB4Y5FO.txt [ Cookie:natalie@media.neodau.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZRF5P4AB.txt [ Cookie:natalie@rotator.hadj7.adjuggler.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HPLXFNQ3.txt [ Cookie:natalie@deutschepostag.112.2o7.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0T97I6MN.txt [ Cookie:natalie@unister-adservices.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\436DJWZB.txt [ Cookie:natalie@adserving.randyrun.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FG7IS1DS.txt [ Cookie:natalie@ubesttorrent2011.com/tracking/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AE7FZF24.txt [ Cookie:natalie@clkads.com/adServe/banners ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\R4C3YT25.txt [ Cookie:natalie@7.rotator.trafficbee.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XKEQYUE5.txt [ Cookie:natalie@xm.xtendmedia.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KB7Z99MS.txt [ Cookie:natalie@adt.traffictrack.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YUALPHY8.txt [ Cookie:natalie@cmpmedica.112.2o7.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TZR9WULR.txt [ Cookie:natalie@tracker.bmtsystem.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DA54W650.txt [ Cookie:natalie@in.watchme.com/track/AxoUAGId/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\L2PCBYOB.txt [ Cookie:natalie@tradetracker.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4RF8KF04.txt [ Cookie:natalie@burstnet.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SIFZW1ST.txt [ Cookie:natalie@googleads.g.doubleclick.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QW9YH58N.txt [ Cookie:natalie@sexpartnerclub.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MWSX86Q4.txt [ Cookie:natalie@banners.victor.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3UK6QCT4.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1038913304/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F85V3RAB.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1028954965/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4J80HJQ1.txt [ Cookie:natalie@nextag.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PHTF99HH.txt [ Cookie:natalie@opodo.122.2o7.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\L5KR13KG.txt [ Cookie:natalie@aa.adfarm1.adition.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PN0H87ZE.txt [ Cookie:natalie@pro-market.net/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BAEQEC8.txt [ Cookie:natalie@ads.saymedia.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1RJB68YK.txt [ Cookie:natalie@moviepilot.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\D6Z5U440.txt [ Cookie:natalie@adserver.advertisingbox.com/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\B5DUZCX6.txt [ Cookie:natalie@ad.adserver01.de/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SWNFJ27G.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1065473929/ ]
C:\USERS\NATALIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GVWT2H3T.txt [ Cookie:natalie@track.zalando.de/789345933667438/ ]
C:\USERS\NATALIE\Cookies\SSOFC13Z.txt [ Cookie:natalie@ad.yieldmanager.com/ ]
C:\USERS\NATALIE\Cookies\XH1I9RKB.txt [ Cookie:natalie@tracking.quisma.com/ ]
C:\USERS\NATALIE\Cookies\FUYYR6KR.txt [ Cookie:natalie@a.revenuemax.de/ ]
C:\USERS\NATALIE\Cookies\POIB1WJR.txt [ Cookie:natalie@www.etracker.de/ ]
C:\USERS\NATALIE\Cookies\LL83ABOQ.txt [ Cookie:natalie@2o7.net/ ]
C:\USERS\NATALIE\Cookies\AKO57PXS.txt [ Cookie:natalie@banners.victor.com/ ]
C:\USERS\NATALIE\Cookies\BV9FPIKK.txt [ Cookie:natalie@de.partypoker.com/ ]
C:\USERS\NATALIE\Cookies\QGYE8DPA.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1028954965/ ]
C:\USERS\NATALIE\Cookies\CMEEIFDY.txt [ Cookie:natalie@ww251.smartadserver.com/ ]
C:\USERS\NATALIE\Cookies\LFKI0ZL8.txt [ Cookie:natalie@track.effiliation.com/servlet/ ]
C:\USERS\NATALIE\Cookies\LJ8N3OPI.txt [ Cookie:natalie@gostats.de/ ]
C:\USERS\NATALIE\Cookies\4L5QAK1Q.txt [ Cookie:natalie@ad.dyntracker.de/ ]
C:\USERS\NATALIE\Cookies\DZ011Y30.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1006871605/ ]
C:\USERS\NATALIE\Cookies\M512RG1U.txt [ Cookie:natalie@adxpose.com/ ]
C:\USERS\NATALIE\Cookies\8UUFEN6T.txt [ Cookie:natalie@webmasterplan.com/ ]
C:\USERS\NATALIE\Cookies\9Z5D1X2L.txt [ Cookie:natalie@bwincom.122.2o7.net/ ]
C:\USERS\NATALIE\Cookies\6MZ8BAHZ.txt [ Cookie:natalie@imrworldwide.com/cgi-bin ]
C:\USERS\NATALIE\Cookies\R2QWDW27.txt [ Cookie:natalie@ad1.adfarm1.adition.com/ ]
C:\USERS\NATALIE\Cookies\E8NSNKVT.txt [ Cookie:natalie@rts.pgmediaserve.com/ ]
C:\USERS\NATALIE\Cookies\AQ5BAQHP.txt [ Cookie:natalie@eu.battle.net/account ]
C:\USERS\NATALIE\Cookies\CX66I3LK.txt [ Cookie:natalie@tomtailor.dyntracker.com/ ]
C:\USERS\NATALIE\Cookies\YA9UTJ9F.txt [ Cookie:natalie@tracker.vinsight.de/ ]
C:\USERS\NATALIE\Cookies\5BY4RVUA.txt [ Cookie:natalie@eas.apm.emediate.eu/ ]
C:\USERS\NATALIE\Cookies\3PK125CW.txt [ Cookie:natalie@track.adform.net/ ]
C:\USERS\NATALIE\Cookies\JUT51UAR.txt [ Cookie:natalie@aa.adfarm1.adition.com/ ]
C:\USERS\NATALIE\Cookies\Y4DV1OQR.txt [ Cookie:natalie@serving-sys.com/ ]
C:\USERS\NATALIE\Cookies\IWPKKYAF.txt [ Cookie:natalie@unitymedia.de/ ]
C:\USERS\NATALIE\Cookies\1FS94ANO.txt [ Cookie:natalie@revsci.net/ ]
C:\USERS\NATALIE\Cookies\LYX1XKUN.txt [ Cookie:natalie@adbrite.com/ ]
C:\USERS\NATALIE\Cookies\XDXSMHC3.txt [ Cookie:natalie@adtech.de/ ]
C:\USERS\NATALIE\Cookies\YL08J1IB.txt [ Cookie:natalie@partypoker.com/ ]
C:\USERS\NATALIE\Cookies\9ZWLDZE8.txt [ Cookie:natalie@accounts.youtube.com/accounts ]
C:\USERS\NATALIE\Cookies\FGFQ1ED0.txt [ Cookie:natalie@fastclick.net/ ]
C:\USERS\NATALIE\Cookies\YPF5B76I.txt [ Cookie:natalie@histats.com/ ]
C:\USERS\NATALIE\Cookies\KGK9R087.txt [ Cookie:natalie@statcounter.com/ ]
C:\USERS\NATALIE\Cookies\FVC7QYEY.txt [ Cookie:natalie@mmotraffic.com/ ]
C:\USERS\NATALIE\Cookies\R7XSDLRG.txt [ Cookie:natalie@adfarm1.adition.com/ ]
C:\USERS\NATALIE\Cookies\6Y0M524H.txt [ Cookie:natalie@ubesttorrent2011.com/tracking/ ]
C:\USERS\NATALIE\Cookies\JXIP60K2.txt [ Cookie:natalie@aim4media.com/ ]
C:\USERS\NATALIE\Cookies\UUYA5MRG.txt [ Cookie:natalie@smartadserver.com/ ]
C:\USERS\NATALIE\Cookies\9GBLF82L.txt [ Cookie:natalie@tracking.kissmyads.com/ ]
C:\USERS\NATALIE\Cookies\YOUFUTH0.txt [ Cookie:natalie@7.rotator.trafficbee.com/ ]
C:\USERS\NATALIE\Cookies\J1R6FIYQ.txt [ Cookie:natalie@doubleclick.net/ ]
C:\USERS\NATALIE\Cookies\UQH74IMN.txt [ Cookie:natalie@specificclick.net/ ]
C:\USERS\NATALIE\Cookies\CV727O41.txt [ Cookie:natalie@apmebf.com/ ]
C:\USERS\NATALIE\Cookies\13W7FTBS.txt [ Cookie:natalie@ad.adnet.de/ ]
C:\USERS\NATALIE\Cookies\J5Y1BL35.txt [ Cookie:natalie@bdsm28.de/ ]
C:\USERS\NATALIE\Cookies\PHLNJGU6.txt [ Cookie:natalie@ad4.adfarm1.adition.com/ ]
C:\USERS\NATALIE\Cookies\E84PA8CS.txt [ Cookie:natalie@questionmarket.com/ ]
C:\USERS\NATALIE\Cookies\KRVLQA0W.txt [ Cookie:natalie@adform.net/ ]
C:\USERS\NATALIE\Cookies\GVAU6GNC.txt [ Cookie:natalie@liveperson.net/ ]
C:\USERS\NATALIE\Cookies\M0FL4H6L.txt [ Cookie:natalie@bs.serving-sys.com/ ]
C:\USERS\NATALIE\Cookies\B5T71GQ2.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1069528796/ ]
C:\USERS\NATALIE\Cookies\XSBO4MI3.txt [ Cookie:natalie@ads.crakmedia.com/ ]
C:\USERS\NATALIE\Cookies\PCHFSWH3.txt [ Cookie:natalie@www.zanox-affiliate.de/ ]
C:\USERS\NATALIE\Cookies\MQQ04O9W.txt [ Cookie:natalie@www.googleadservices.com/pagead/conversion/1066732035/ ]
C:\USERS\NATALIE\Cookies\0T87U07Q.txt [ Cookie:natalie@c.atdmt.com/ ]
C:\USERS\NATALIE\Cookies\STIZ53J3.txt [ Cookie:natalie@zanox-affiliate.de/ ]
C:\USERS\NATALIE\Cookies\D27ZF4Q2.txt [ Cookie:natalie@tradedoubler.com/ ]
C:\USERS\NATALIE\Cookies\NMUPR527.txt [ Cookie:natalie@yieldmanager.net/ ]
C:\USERS\NATALIE\Cookies\5UIKG83Y.txt [ Cookie:natalie@myroitracking.com/ ]
C:\USERS\NATALIE\Cookies\W1UWQ8S4.txt [ Cookie:natalie@7.rotator.wigetmedia.com/ ]
C:\USERS\NATALIE\Cookies\F1WNKG3S.txt [ Cookie:natalie@media6degrees.com/ ]
C:\USERS\NATALIE\Cookies\C9PCRY8H.txt [ Cookie:natalie@atdmt.com/ ]
C:\USERS\NATALIE\Cookies\S0IJ8806.txt [ Cookie:natalie@zedo.com/ ]
C:\USERS\NATALIE\Cookies\2P0II1LJ.txt [ Cookie:natalie@statse.webtrendslive.com/ ]
C:\USERS\NATALIE\Cookies\5SJ47PSX.txt [ Cookie:natalie@unister-adservices.com/campaign/conversion/22 ]
C:\USERS\NATALIE\Cookies\U0RH69EH.txt [ Cookie:natalie@eas4.emediate.eu/ ]
C:\USERS\NATALIE\Cookies\4S36C5Z5.txt [ Cookie:natalie@accounts.google.com/ ]
C:\USERS\NATALIE\Cookies\BG674UQ5.txt [ Cookie:natalie@adserver3.oberberg.net/ ]
C:\USERS\NATALIE\Cookies\013L1WOG.txt [ Cookie:natalie@google.com/accounts/recovery/ ]
C:\USERS\NATALIE\Cookies\3ZV7ITRR.txt [ Cookie:natalie@movieclipscom.122.2o7.net/ ]
C:\USERS\NATALIE\Cookies\135FT992.txt [ Cookie:natalie@studivz.adfarm1.adition.com/ ]
C:\USERS\NATALIE\Cookies\RYEDEYZ5.txt [ Cookie:natalie@pro-market.net/ ]
C:\USERS\NATALIE\Cookies\RR0T43PT.txt [ Cookie:natalie@stat.easydate.biz/ ]
C:\USERS\NATALIE\Cookies\JLUCE5OE.txt [ Cookie:natalie@geoadserving.coffeetree.info/ ]
C:\USERS\NATALIE\Cookies\27RCY0JN.txt [ Cookie:natalie@mm.chitika.net/ ]
C:\USERS\NATALIE\Cookies\DJSRZRQ4.txt [ Cookie:natalie@adx.chip.de/ ]
C:\USERS\NATALIE\Cookies\R9NS695F.txt [ Cookie:natalie@tracking.mlsat02.de/tmobile/ ]
C:\USERS\NATALIE\Cookies\9O9KF60O.txt [ Cookie:natalie@advertising.com/ ]
C:\USERS\NATALIE\Cookies\18YRPKYS.txt [ Cookie:natalie@viewad.exchangecash.de/ ]
.doubleclick.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
adx2.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
7.rotator.trafficbee.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
7.rotator.trafficbee.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
7.rotator.trafficbee.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\NATALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IVCVR686.DEFAULT\COOKIES.SQLITE ]
|
|
21.10.2012, 12:01
| #45 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exeCode:
ATTFilter UAC On - Limited User
Bitte so wie es in der Anleitung steht auch ausführen! Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Fehlermeldung beim Neustart C:\ Users\User\AppData\Local\Temp\wgsdgsdgdsgsd.exe |
| anhang, anti, appdata, arten, beim starten, eingefangen, ergebnis, fehlermeldung, gefangen, gefunde, gestartet, local, malwarebytes, modul, neustart, notebooks, problem, programm, sauber, starte, starten, tagen, taucht, temp, users, virsu, wgsdgsdgdsgsd.exe |
Linear-Darstellung
