"Webseite kann nicht angezeigt werden" bei Windows 7 Boot

cosinus · 22.10.2012, 11:09

Mach bitte einen (neuen) CustomScan mit OTL - das Log davon nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

turambar · 22.10.2012, 18:45

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 22.10.2012 19:16:26 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Friedel\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 85,96% Memory free
6,50 Gb Paging File | 6,08 Gb Available in Paging File | 93,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1376,16 Gb Total Space | 795,87 Gb Free Space | 57,83% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,66 Gb Free Space | 58,31% Space Free | Partition Type: NTFS
 
Computer Name: WHEATLEY | User Name: Friedel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.22 19:13:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Friedel\Desktop\OTL.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:42 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\TabTip.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.19 13:22:09 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 14:10:59 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.06 11:35:15 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.06.19 13:44:22 | 000,777,728 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012.06.18 21:13:46 | 000,394,712 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012.01.14 13:00:03 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.09.08 19:29:46 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.09.08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011.09.08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2011.09.08 13:41:20 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Programme\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService)
SRV - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.04.01 03:28:44 | 001,368,648 | ---- | M] (G Data Software AG) [Auto | Stopped] -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010.12.10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.12.10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR2)
SRV - [2010.12.10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2010.12.10 18:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.05.27 18:24:52 | 000,122,880 | ---- | M] (Sony DADC Austria AG.) [Auto | Stopped] -- C:\Windows\System32\UAService7.exe -- (UserAccess7)
SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.02.03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.09.16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Friedel\AppData\Local\Temp\sony_ssm.sys -- (sony_ssm.sys)
DRV - [2012.05.14 14:48:51 | 000,030,256 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\GRD.sys -- (GRD)
DRV - [2011.09.08 20:26:10 | 008,606,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.09.08 18:52:20 | 000,248,832 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.09.08 17:49:36 | 000,010,752 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2011.09.08 17:49:26 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2011.09.08 17:49:24 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2011.06.25 15:33:21 | 000,048,344 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV - [2011.06.25 15:32:39 | 000,039,640 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2011.06.25 15:32:37 | 000,074,456 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2011.06.25 15:32:37 | 000,037,720 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\GDBehave.sys -- (GDBehave)
DRV - [2011.06.25 15:32:35 | 000,029,400 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GdNetMon32.sys -- (GdNetMon)
DRV - [2011.06.25 15:32:33 | 000,052,440 | ---- | M] (G Data Software AG) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd)
DRV - [2011.06.24 06:25:26 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2010.11.25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.11.19 01:25:04 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.07.07 23:48:14 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2009.06.05 04:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.05.05 11:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2002.06.20 19:45:42 | 000,020,128 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2002.06.20 19:45:40 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2002.06.20 19:45:36 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2002.06.20 19:45:34 | 000,039,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=mI-j8KbO_ixizyRHH-boFqQjMH4?q={searchTerms}
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\SearchScopes\{C6FD38B5-0D2D-4DEC-A3DB-E7828C35256F}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\SearchScopes\{E4E9256C-AFF3-42A9-AA1E-FD719320B1AE}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:6.2
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:22.1.11089.229
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.19 13:22:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.19 13:22:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.05.26 10:39:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2010.10.23 19:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friedel\AppData\Roaming\mozilla\Extensions
[2010.10.23 19:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friedel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.21 14:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friedel\AppData\Roaming\mozilla\Firefox\Profiles\q1xpekqa.default\extensions
[2012.10.19 13:22:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.19 13:22:06 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.10.19 13:22:10 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.09.06 03:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.19 13:22:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: about:blank
CHR - Extension: YouTube = C:\Users\Friedel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Friedel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\Friedel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (BHO) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\AntiVirus\WebFilter\AvkWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000..\Run: [HP Deskjet 3070 B611 series (NET)] C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000..\Run: [mywmdfzslonndag] C:\ProgramData\mywmdfzs.exe ()
O4 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000..\Run: [Start WingMan Profiler]  File not found
O4 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Friedel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..Trusted Domains: localhost ([]http in Lokales Intranet)
O15 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..Trusted Ranges: GD ([http] in Lokales Intranet)
O15 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{479857B1-B47D-4A4A-A160-9DB2B23B5395}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5525416A-6096-4384-B2E8-4DCBE6671729}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d9a49e23-5a88-11df-9689-4061869323d4}\Shell - "" = AutoRun
O33 - MountPoints2\{d9a49e23-5a88-11df-9689-4061869323d4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.22 19:13:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Friedel\Desktop\OTL.exe
[2012.10.19 13:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.19 08:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.19 08:25:23 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Friedel\Desktop\esetsmartinstaller_enu.exe
[2012.10.14 14:35:40 | 000,000,000 | ---D | C] -- C:\Users\Friedel\AppData\Roaming\Malwarebytes
[2012.10.14 14:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.14 14:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.14 14:35:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.14 14:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.14 14:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\tvmklivslpgoqej
[2012.10.13 16:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.10.13 14:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.10.13 14:52:27 | 000,000,000 | ---D | C] -- C:\Users\Friedel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.10.13 14:31:22 | 000,000,000 | ---D | C] -- C:\Users\Friedel\Documents\StarCraft II
[2012.10.13 14:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.10.13 14:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II
[2012.10.13 14:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.09.24 21:27:14 | 000,000,000 | ---D | C] -- C:\Users\Friedel\AppData\Local\Eastman_Kodak_Company
[2012.09.24 21:24:29 | 000,000,000 | ---D | C] -- C:\Users\Friedel\AppData\Local\Eastman Kodak Company
[2012.09.24 21:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
[2012.09.24 21:15:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\kodak
[2012.09.24 21:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Kodak
[2012.09.24 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Friedel\AppData\Roaming\Temp
[2012.09.24 21:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak
[4 C:\Users\Friedel\Documents\*.tmp files -> C:\Users\Friedel\Documents\*.tmp -> ]
[3 C:\Users\Friedel\*.tmp files -> C:\Users\Friedel\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.22 19:13:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Friedel\Desktop\OTL.exe
[2012.10.22 19:11:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.22 19:11:05 | 2615,910,400 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.19 08:25:27 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Friedel\Desktop\esetsmartinstaller_enu.exe
[2012.10.17 15:35:00 | 000,001,962 | ---- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3070 B611 series (Netzwerk).lnk
[2012.10.14 16:57:14 | 469,688,901 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.14 16:14:08 | 000,000,000 | ---- | M] () -- C:\Users\Friedel\defogger_reenable
[2012.10.14 15:50:06 | 000,302,592 | ---- | M] () -- C:\Users\Friedel\Desktop\0cog7507.exe
[2012.10.14 15:49:08 | 000,050,477 | ---- | M] () -- C:\Users\Friedel\Desktop\Defogger.exe
[2012.10.14 15:38:12 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.14 15:38:11 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.14 14:35:33 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.14 14:11:35 | 000,076,348 | ---- | M] () -- C:\ProgramData\uvyfebthvgndprn
[2012.10.14 14:11:29 | 000,110,592 | ---- | M] () -- C:\ProgramData\mywmdfzs.exe
[2012.10.14 14:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.14 14:01:00 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2012.10.14 13:44:06 | 000,825,283 | ---- | M] () -- C:\Windows\System32\sig.bin
[2012.10.14 13:44:06 | 000,044,928 | ---- | M] () -- C:\Windows\System32\nmp.map
[2012.10.13 20:38:02 | 000,011,851 | ---- | M] () -- C:\Users\Friedel\Desktop\1-5.jpg
[2012.10.13 16:38:04 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.10.12 20:40:23 | 000,001,882 | ---- | M] () -- C:\Users\Friedel\Desktop\Messages from Mike - Verknüpfung.lnk
[2012.10.09 20:53:10 | 000,705,696 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.09 20:53:10 | 000,666,882 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.09 20:53:10 | 000,150,440 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.09 20:53:10 | 000,126,238 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.08 10:31:10 | 000,603,710 | ---- | M] () -- C:\Users\Friedel\Desktop\Canon TS-E 24mm f_3.5 L II Objektiv 4960999635163 _ eBay.pdf
[2012.10.06 12:53:32 | 058,414,603 | ---- | M] () -- C:\Users\Friedel\Desktop\Intro_US_2.wmv
[2012.10.06 12:15:26 | 083,822,713 | ---- | M] () -- C:\Users\Friedel\Desktop\National Parks.wmv
[2012.10.06 12:06:18 | 000,107,056 | ---- | M] () -- C:\Users\Friedel\Documents\Intro_US_2.veg
[2012.10.05 00:11:04 | 000,107,152 | ---- | M] () -- C:\Users\Friedel\Documents\Intro_US_2.veg.bak
[2012.10.03 19:49:24 | 184,382,713 | ---- | M] () -- C:\Users\Friedel\Desktop\National Park_large.wmv
[2012.10.03 18:40:14 | 000,102,680 | ---- | M] () -- C:\Users\Friedel\Documents\Intro_US.veg
[2012.10.03 18:29:56 | 000,099,096 | ---- | M] () -- C:\Users\Friedel\Documents\Intro_US.veg.bak
[2012.10.01 09:35:16 | 006,187,974 | ---- | M] () -- C:\Users\Friedel\Desktop\IMG_2274.JPG
[2012.10.01 09:20:32 | 006,161,863 | ---- | M] () -- C:\Users\Friedel\Desktop\IMG_2258.JPG
[2012.09.23 22:00:19 | 141,647,184 | ---- | M] () -- C:\Users\Friedel\Desktop\Crater Lake_panoramic.bmp
[2012.09.23 18:29:24 | 019,925,705 | ---- | M] () -- C:\Users\Friedel\Desktop\Bildbeispiel_Brennweite.wmv
[2012.09.23 18:16:23 | 000,037,872 | ---- | M] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1 (1).wmv.sfk0
[2012.09.23 18:11:03 | 021,773,816 | ---- | M] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1 (1).wmv.sfap1
[2012.09.23 18:09:39 | 012,448,115 | ---- | M] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1 (1).wmv
[2012.09.23 17:37:57 | 008,766,348 | ---- | M] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1.mp4
[2012.09.23 16:28:40 | 000,307,696 | ---- | M] () -- C:\Users\Friedel\Desktop\Canon EF 100mm 2,8 L IS USM Macro Objektiv_ Amazon.de_ Elektronik.pdf
[4 C:\Users\Friedel\Documents\*.tmp files -> C:\Users\Friedel\Documents\*.tmp -> ]
[3 C:\Users\Friedel\*.tmp files -> C:\Users\Friedel\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.14 16:24:28 | 000,302,592 | ---- | C] () -- C:\Users\Friedel\Desktop\0cog7507.exe
[2012.10.14 16:14:08 | 000,000,000 | ---- | C] () -- C:\Users\Friedel\defogger_reenable
[2012.10.14 16:13:21 | 000,050,477 | ---- | C] () -- C:\Users\Friedel\Desktop\Defogger.exe
[2012.10.14 14:35:33 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.14 14:11:34 | 000,110,592 | ---- | C] () -- C:\ProgramData\mywmdfzs.exe
[2012.10.14 14:11:29 | 000,076,348 | ---- | C] () -- C:\ProgramData\uvyfebthvgndprn
[2012.10.13 20:38:02 | 000,011,851 | ---- | C] () -- C:\Users\Friedel\Desktop\1-5.jpg
[2012.10.13 14:31:22 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.10.08 10:31:07 | 000,603,710 | ---- | C] () -- C:\Users\Friedel\Desktop\Canon TS-E 24mm f_3.5 L II Objektiv 4960999635163 _ eBay.pdf
[2012.10.03 21:33:35 | 058,414,603 | ---- | C] () -- C:\Users\Friedel\Desktop\Intro_US_2.wmv
[2012.10.03 20:02:19 | 083,822,713 | ---- | C] () -- C:\Users\Friedel\Desktop\National Parks.wmv
[2012.10.03 19:50:42 | 000,107,152 | ---- | C] () -- C:\Users\Friedel\Documents\Intro_US_2.veg.bak
[2012.10.03 19:50:42 | 000,107,056 | ---- | C] () -- C:\Users\Friedel\Documents\Intro_US_2.veg
[2012.10.03 19:17:54 | 184,382,713 | ---- | C] () -- C:\Users\Friedel\Desktop\National Park_large.wmv
[2012.10.03 17:45:39 | 000,102,680 | ---- | C] () -- C:\Users\Friedel\Documents\Intro_US.veg
[2012.10.03 17:45:39 | 000,099,096 | ---- | C] () -- C:\Users\Friedel\Documents\Intro_US.veg.bak
[2012.10.01 10:17:58 | 006,187,974 | ---- | C] () -- C:\Users\Friedel\Desktop\IMG_2274.JPG
[2012.10.01 10:17:35 | 006,161,863 | ---- | C] () -- C:\Users\Friedel\Desktop\IMG_2258.JPG
[2012.09.23 22:00:17 | 141,647,184 | ---- | C] () -- C:\Users\Friedel\Desktop\Crater Lake_panoramic.bmp
[2012.09.23 18:14:03 | 019,925,705 | ---- | C] () -- C:\Users\Friedel\Desktop\Bildbeispiel_Brennweite.wmv
[2012.09.23 18:11:02 | 021,773,816 | ---- | C] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1 (1).wmv.sfap1
[2012.09.23 18:11:02 | 000,037,872 | ---- | C] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1 (1).wmv.sfk0
[2012.09.23 18:09:16 | 012,448,115 | ---- | C] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1 (1).wmv
[2012.09.23 17:37:49 | 008,766,348 | ---- | C] () -- C:\Users\Friedel\Desktop\LOTR_THE_FELLOWSHIP_OF_THE_RING Title 1.mp4
[2012.09.23 16:28:39 | 000,307,696 | ---- | C] () -- C:\Users\Friedel\Desktop\Canon EF 100mm 2,8 L IS USM Macro Objektiv_ Amazon.de_ Elektronik.pdf
[2012.05.28 18:01:41 | 000,029,374 | ---- | C] () -- C:\Users\Friedel\AppData\Local\recently-used.xbel
[2011.12.03 17:06:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.08.26 16:34:14 | 000,239,869 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.08.09 21:17:23 | 000,007,602 | ---- | C] () -- C:\Users\Friedel\AppData\Local\Resmon.ResmonCfg
[2011.06.25 21:28:45 | 000,825,283 | ---- | C] () -- C:\Windows\System32\sig.bin
[2011.06.15 20:17:50 | 000,001,940 | ---- | C] () -- C:\Users\Friedel\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.03.30 23:13:26 | 001,841,000 | ---- | C] () -- C:\Windows\System32\HPScanTRDrv_DJ3070_B611.dll
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.10.24 15:36:40 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.10.08 15:47:43 | 727,973,887 | ---- | C] () -- C:\Users\Friedel\thedarkknight.wtv
[2010.06.20 09:02:18 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.06.08 07:28:07 | 000,005,632 | ---- | C] () -- C:\Users\Friedel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 18:15:33 | 000,001,958 | ---- | C] () -- C:\Users\Friedel\AppData\Roaming\wklnhst.dat
[2010.05.24 17:03:55 | 000,000,026 | ---- | C] () -- C:\Users\Friedel\1103e87c128cad76bae.notes
[2010.05.24 17:03:55 | 000,000,023 | ---- | C] () -- C:\Users\Friedel\1103e87c128cad76bae.details
[2010.05.24 15:49:55 | 000,000,378 | ---- | C] () -- C:\Users\Friedel\babed1aa128ca93ac76.details
[2010.05.24 15:49:55 | 000,000,000 | ---- | C] () -- C:\Users\Friedel\babed1aa128ca93ac76.notes
[2010.05.24 15:49:19 | 000,000,016 | ---- | C] () -- C:\Users\Friedel\persistent_state
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.10.19 15:45:54 | 000,000,000 | -HSD | M] -- C:\Users\Friedel\AppData\Roaming\.#
[2010.05.25 19:42:37 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Ace
[2012.10.19 14:54:59 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\ALDI_SUED_Mah_Jong
[2012.05.06 17:46:05 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Audacity
[2011.12.18 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Blender Foundation
[2010.07.07 14:35:39 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\FreeVideoConverter
[2011.10.15 17:29:33 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Might & Magic Heroes VI - Game Official Demo
[2010.05.30 13:59:05 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Opera
[2010.05.24 08:56:29 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Petroglyph
[2011.06.26 11:49:11 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Publish Providers
[2011.05.27 06:37:07 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Research In Motion
[2011.08.06 20:54:55 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Sony
[2011.08.06 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Sony Creative Software Inc
[2011.05.07 11:10:07 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\SPORE
[2012.09.24 21:11:11 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Temp
[2010.05.25 18:15:35 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Template
[2010.10.23 19:51:12 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Thunderbird
[2010.08.11 17:19:12 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Ulead Systems
[2012.05.13 18:13:10 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Wacom
[2012.05.13 18:13:14 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.10.19 15:45:54 | 000,000,000 | -HSD | M] -- C:\Users\Friedel\AppData\Roaming\.#
[2010.05.25 19:42:37 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Ace
[2012.04.26 18:35:27 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Adobe
[2012.10.19 14:54:59 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\ALDI_SUED_Mah_Jong
[2011.12.27 16:28:12 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Apple Computer
[2010.05.07 18:16:03 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\ATI
[2012.05.06 17:46:05 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Audacity
[2011.12.18 11:48:32 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Blender Foundation
[2010.06.20 09:02:18 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Corel
[2012.06.04 17:21:57 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\dvdcss
[2010.07.07 14:35:39 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\FreeVideoConverter
[2011.12.10 18:06:47 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\HpUpdate
[2010.05.07 18:14:51 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Identities
[2010.05.23 21:15:46 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\InstallShield
[2010.05.07 18:22:10 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Macromedia
[2012.10.14 14:35:40 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Media Center Programs
[2012.09.15 12:41:13 | 000,000,000 | --SD | M] -- C:\Users\Friedel\AppData\Roaming\Microsoft
[2011.10.15 17:29:33 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Might & Magic Heroes VI - Game Official Demo
[2010.09.04 08:05:54 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Mozilla
[2010.05.30 13:59:05 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Opera
[2010.05.24 08:56:29 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Petroglyph
[2011.06.26 11:49:11 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Publish Providers
[2011.05.27 06:37:07 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Research In Motion
[2011.05.27 06:39:12 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Roxio
[2010.05.31 13:03:16 | 000,000,000 | RH-D | M] -- C:\Users\Friedel\AppData\Roaming\SecuROM
[2011.08.06 20:54:55 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Sony
[2011.08.06 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Sony Creative Software Inc
[2011.05.07 11:10:07 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\SPORE
[2012.09.24 21:11:11 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Temp
[2010.05.25 18:15:35 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Template
[2010.10.23 19:51:12 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Thunderbird
[2010.08.11 17:19:12 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Ulead Systems
[2012.05.13 18:13:10 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\Wacom
[2012.05.13 18:13:14 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2012.05.13 18:10:41 | 000,000,000 | ---D | M] -- C:\Users\Friedel\AppData\Roaming\WTablet
 
< %APPDATA%\*.exe /s >
[2011.05.02 08:27:34 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Friedel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.05.27 06:27:25 | 000,069,632 | R--- | M] (Macrovision Corporation) -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\DesktopMgr.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,026,694 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe
[2011.05.27 06:27:25 | 000,006,502 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2011.05.27 06:27:25 | 000,006,502 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2011.05.27 06:27:25 | 000,006,502 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{14AD69CE-B59F-4EC2-BC3A-DB56105F3D62}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe
[2010.10.17 13:49:03 | 000,010,134 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\Foren.exe
[2010.10.17 13:49:03 | 000,000,766 | R--- | M] () -- C:\Users\Friedel\AppData\Roaming\Microsoft\Installer\{20B1B020-DEAE-48D1-9960-D4C3185D758B}\htmledit.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.14 14:23:42 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=EE613DB85749B7B4927DFE2F1BDBB67C -- C:\Program Files\Panasonic\HD Writer AE 2.6T\Core\EventLog\EventLog.dll
[2010.07.14 14:23:42 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=EE613DB85749B7B4927DFE2F1BDBB67C -- C:\Program Files\Panasonic\HD Writer AE 2.6T\Core\Spec\AVCHD\BDCore\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Friedel\Documents\nfv.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Friedel\Documents\Handout Physik.doc:Roxio EMC Stream

< End of report >

--- --- ---

cosinus · 23.10.2012, 11:33

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
IE - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=mI-j8KbO_ixizyRHH-boFqQjMH4?q={searchTerms}
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:6.2
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:6.2
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000..\Run: [Start WingMan Profiler]  File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKU\S-1-5-21-3744982105-1280326129-4264077337-1000..\Run: [mywmdfzslonndag] C:\ProgramData\mywmdfzs.exe ()
:Files
C:\ProgramData\tvmklivslpgoqej
C:\ProgramData\mywmdfzs.exe
C:\ProgramData\uvyfebthvgndprn
C:\Users\Friedel\AppData\Roaming\.#
C:\Program Files\Common Files\Spigot
C:\Program Files\pdfforge Toolbar
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

turambar · 26.10.2012, 18:22

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3744982105-1280326129-4264077337-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Prefs.js: pdfforge@mybrowserbar.com:6.2 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:6.2 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3744982105-1280326129-4264077337-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-3744982105-1280326129-4264077337-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Start WingMan Profiler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Conime deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3744982105-1280326129-4264077337-1000\Software\Microsoft\Windows\CurrentVersion\Run\\mywmdfzslonndag deleted successfully.
C:\ProgramData\mywmdfzs.exe moved successfully.
========== FILES ==========
C:\ProgramData\tvmklivslpgoqej folder moved successfully.
File\Folder C:\ProgramData\mywmdfzs.exe not found.
C:\ProgramData\uvyfebthvgndprn moved successfully.
C:\Users\Friedel\AppData\Roaming\.# folder moved successfully.
File\Folder C:\Program Files\Common Files\Spigot not found.
File\Folder C:\Program Files\pdfforge Toolbar not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Friedel\Desktop\cmd.bat deleted successfully.
C:\Users\Friedel\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Friedel
->Temp folder emptied: 1232511813 bytes
->Temporary Internet Files folder emptied: 146637614 bytes
->Java cache emptied: 104568691 bytes
->FireFox cache emptied: 97138605 bytes
->Google Chrome cache emptied: 1905008 bytes
->Apple Safari cache emptied: 212054016 bytes
->Opera cache emptied: 15730900 bytes
->Flash cache emptied: 80371 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 237258870 bytes
RecycleBin emptied: 9730034323 bytes
 
Total Files Cleaned = 11.232,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10262012_191200

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Der Desktop wird jetzt wieder auch im nicht-abgesicherten Modus angezeigt!

Ein großes Dankeschön dafür!!

Ist die 'Behandlung' damit schon abgeschlossen?

cosinus · 27.10.2012, 14:16

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

turambar · 28.10.2012, 09:05

Bitte sehr:

Code:

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-28 08:39:03
-----------------------------
08:39:03.704    OS Version: Windows 6.1.7601 Service Pack 1
08:39:03.704    Number of processors: 4 586 0x402
08:39:03.704    ComputerName: WHEATLEY  UserName: Friedel
08:39:07.870    Initialize success
08:39:16.231    AVAST engine defs: 12102701
08:39:30.146    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
08:39:30.146    Disk 0 Vendor: WDC_WD15 80.0 Size: 1430799MB BusType: 11
08:39:30.162    Disk 0 MBR read successfully
08:39:30.162    Disk 0 MBR scan
08:39:30.162    Disk 0 unknown MBR code
08:39:30.178    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
08:39:30.178    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS      1409191 MB offset 206848
08:39:30.209    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        20480 MB offset 2886230016
08:39:30.240    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 2928173056
08:39:30.256    Disk 0 scanning sectors +2930274304
08:39:30.318    Disk 0 scanning C:\Windows\system32\drivers
08:39:49.397    Service scanning
08:40:27.664    Modules scanning
08:40:49.285    Disk 0 trace - called modules:
08:40:49.363    ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys halmacpi.dll amdsata.sys 
08:40:49.379    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x868e0030]
08:40:49.379    3 CLASSPNP.SYS[8c38259e] -> nt!IofCallDriver -> [0x859906c0]
08:40:49.379    5 amdxata.sys[8bf847b6] -> nt!IofCallDriver -> \Device\00000061[0x86897030]
08:40:49.395    Scan finished successfully
08:57:45.346    Disk 0 MBR has been saved successfully to "C:\Users\Friedel\Desktop\MBR.dat"
08:57:45.362    The log file has been saved successfully to "C:\Users\Friedel\Desktop\aswMBR.txt"

Nur zur Information: aswMBR hatte mehrere Fehler beim Laufen. Zuerst Stand im DOS-Fenster "Failed to load driver" (o.Ä.), danach stürzte das Programm beim ersten Scan ab und schließlich war der Scan-Button ausgeblendet.

Code:

ATTFilter

08:59:11.0532 7256  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
08:59:13.0547 7256  ============================================================
08:59:13.0547 7256  Current date / time: 2012/10/28 08:59:13.0547
08:59:13.0547 7256  SystemInfo:
08:59:13.0547 7256  
08:59:13.0547 7256  OS Version: 6.1.7601 ServicePack: 1.0
08:59:13.0547 7256  Product type: Workstation
08:59:13.0547 7256  ComputerName: WHEATLEY
08:59:13.0547 7256  UserName: Friedel
08:59:13.0547 7256  Windows directory: C:\Windows
08:59:13.0547 7256  System windows directory: C:\Windows
08:59:13.0547 7256  Processor architecture: Intel x86
08:59:13.0547 7256  Number of processors: 4
08:59:13.0547 7256  Page size: 0x1000
08:59:13.0547 7256  Boot type: Normal boot
08:59:13.0547 7256  ============================================================
08:59:15.0122 7256  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:59:15.0169 7256  ============================================================
08:59:15.0169 7256  \Device\Harddisk0\DR0:
08:59:15.0169 7256  MBR partitions:
08:59:15.0169 7256  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:59:15.0169 7256  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAC053800
08:59:15.0169 7256  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAC086000, BlocksNum 0x2800000
08:59:15.0169 7256  ============================================================
08:59:15.0200 7256  C: <-> \Device\Harddisk0\DR0\Partition2
08:59:15.0247 7256  D: <-> \Device\Harddisk0\DR0\Partition3
08:59:15.0247 7256  ============================================================
08:59:15.0247 7256  Initialize success
08:59:15.0247 7256  ============================================================
08:59:43.0748 6896  ============================================================
08:59:43.0748 6896  Scan started
08:59:43.0748 6896  Mode: Manual; SigCheck; TDLFS; 
08:59:43.0748 6896  ============================================================
08:59:45.0652 6896  ================ Scan system memory ========================
08:59:45.0652 6896  System memory - ok
08:59:45.0652 6896  ================ Scan services =============================
08:59:45.0823 6896  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
08:59:45.0995 6896  1394ohci - ok
08:59:46.0042 6896  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
08:59:46.0073 6896  ACPI - ok
08:59:46.0104 6896  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
08:59:46.0166 6896  AcpiPmi - ok
08:59:46.0260 6896  [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
08:59:46.0307 6896  AdobeActiveFileMonitor7.0 - ok
08:59:46.0385 6896  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:59:46.0432 6896  AdobeFlashPlayerUpdateSvc - ok
08:59:46.0463 6896  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:59:46.0525 6896  adp94xx - ok
08:59:46.0556 6896  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:59:46.0588 6896  adpahci - ok
08:59:46.0619 6896  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:59:46.0666 6896  adpu320 - ok
08:59:46.0697 6896  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:59:46.0775 6896  AeLookupSvc - ok
08:59:46.0837 6896  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
08:59:46.0900 6896  AFD - ok
08:59:46.0915 6896  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
08:59:46.0931 6896  agp440 - ok
08:59:46.0962 6896  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
08:59:46.0993 6896  aic78xx - ok
08:59:47.0009 6896  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
08:59:47.0024 6896  ALG - ok
08:59:47.0040 6896  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
08:59:47.0102 6896  aliide - ok
08:59:47.0149 6896  [ 4B808991F51D50BC6A3A3C8541D52748 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
08:59:47.0227 6896  AMD External Events Utility - ok
08:59:47.0290 6896  AMD FUEL Service - ok
08:59:47.0305 6896  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
08:59:47.0352 6896  amdagp - ok
08:59:47.0368 6896  [ 211FCE336502911EC03FC15A91344C98 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
08:59:47.0399 6896  amdide - ok
08:59:47.0414 6896  [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
08:59:47.0446 6896  amdiox86 - ok
08:59:47.0446 6896  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:59:47.0477 6896  AmdK8 - ok
08:59:47.0695 6896  [ BC7C2154C4B23F74222859C4D93A3039 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
08:59:47.0961 6896  amdkmdag - ok
08:59:48.0023 6896  [ DC5D417390A70DB5583374A232BE622F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
08:59:48.0132 6896  amdkmdap - ok
08:59:48.0163 6896  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:59:48.0179 6896  AmdPPM - ok
08:59:48.0195 6896  [ 6F64C768A9A48FAB7C6D6CEE1B30F97F ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
08:59:48.0210 6896  amdsata - ok
08:59:48.0226 6896  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:59:48.0257 6896  amdsbs - ok
08:59:48.0257 6896  [ E27866684780606BCCE640A57937D88A ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
08:59:48.0273 6896  amdxata - ok
08:59:48.0304 6896  [ 62B03AFE5CC83BACF064848DAA295D9C ] AODDriver4.01   C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
08:59:48.0304 6896  AODDriver4.01 ( UnsignedFile.Multi.Generic ) - warning
08:59:48.0304 6896  AODDriver4.01 - detected UnsignedFile.Multi.Generic (1)
08:59:48.0351 6896  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
08:59:48.0413 6896  AppID - ok
08:59:48.0413 6896  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:59:48.0460 6896  AppIDSvc - ok
08:59:48.0507 6896  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
08:59:48.0585 6896  Appinfo - ok
08:59:48.0663 6896  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:59:48.0709 6896  Apple Mobile Device - ok
08:59:48.0725 6896  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:59:48.0741 6896  arc - ok
08:59:48.0756 6896  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:59:48.0772 6896  arcsas - ok
08:59:48.0787 6896  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:59:48.0834 6896  AsyncMac - ok
08:59:48.0865 6896  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
08:59:48.0881 6896  atapi - ok
08:59:48.0912 6896  [ 430449D04B05348879244C9090D405B4 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
08:59:48.0928 6896  AtiHdmiService - ok
08:59:48.0943 6896  [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
08:59:48.0959 6896  AtiPcie - ok
08:59:48.0990 6896  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:59:49.0037 6896  AudioEndpointBuilder - ok
08:59:49.0037 6896  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
08:59:49.0084 6896  Audiosrv - ok
08:59:49.0162 6896  [ 2E4D73A8109F410C3B05AFEE56EACA3B ] AVKProxy        C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
08:59:49.0255 6896  AVKProxy - ok
08:59:49.0287 6896  [ 66FC53A681531D1D095834C0A217EEDC ] AVKService      C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe
08:59:49.0318 6896  AVKService - ok
08:59:49.0365 6896  [ B4658926371519091D6559544FA510C9 ] AVKWCtl         C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe
08:59:49.0458 6896  AVKWCtl - ok
08:59:49.0521 6896  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:59:49.0583 6896  AxInstSV - ok
08:59:49.0614 6896  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
08:59:49.0645 6896  b06bdrv - ok
08:59:49.0661 6896  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
08:59:49.0692 6896  b57nd60x - ok
08:59:49.0755 6896  [ 483F1162EEEBD10BF77FBB32DB963370 ] BBSvc           C:\Program Files\Microsoft\BingBar\BBSvc.EXE
08:59:49.0801 6896  BBSvc - ok
08:59:49.0817 6896  [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate        C:\Program Files\Microsoft\BingBar\SeaPort.EXE
08:59:49.0848 6896  BBUpdate - ok
08:59:49.0879 6896  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:59:49.0957 6896  BDESVC - ok
08:59:49.0957 6896  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:59:50.0004 6896  Beep - ok
08:59:50.0067 6896  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
08:59:50.0113 6896  BFE - ok
08:59:50.0129 6896  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
08:59:50.0191 6896  BITS - ok
08:59:50.0207 6896  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:59:50.0285 6896  blbdrive - ok
08:59:50.0347 6896  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:59:50.0394 6896  Bonjour Service - ok
08:59:50.0457 6896  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:59:50.0519 6896  bowser - ok
08:59:50.0535 6896  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:59:50.0566 6896  BrFiltLo - ok
08:59:50.0581 6896  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:59:50.0613 6896  BrFiltUp - ok
08:59:50.0644 6896  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
08:59:50.0706 6896  Browser - ok
08:59:50.0722 6896  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:59:50.0737 6896  Brserid - ok
08:59:50.0753 6896  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:59:50.0800 6896  BrSerWdm - ok
08:59:50.0815 6896  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:59:50.0847 6896  BrUsbMdm - ok
08:59:50.0862 6896  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:59:50.0893 6896  BrUsbSer - ok
08:59:50.0940 6896  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
08:59:51.0003 6896  BthEnum - ok
08:59:51.0018 6896  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:59:51.0065 6896  BTHMODEM - ok
08:59:51.0096 6896  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
08:59:51.0127 6896  BthPan - ok
08:59:51.0159 6896  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
08:59:51.0221 6896  BTHPORT - ok
08:59:51.0252 6896  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
08:59:51.0283 6896  bthserv - ok
08:59:51.0315 6896  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
08:59:51.0330 6896  BTHUSB - ok
08:59:51.0361 6896  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:59:51.0393 6896  cdfs - ok
08:59:51.0439 6896  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
08:59:51.0502 6896  cdrom - ok
08:59:51.0549 6896  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
08:59:51.0642 6896  CertPropSvc - ok
08:59:51.0658 6896  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:59:51.0689 6896  circlass - ok
08:59:51.0720 6896  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
08:59:51.0751 6896  CLFS - ok
08:59:51.0814 6896  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:59:51.0845 6896  clr_optimization_v2.0.50727_32 - ok
08:59:51.0970 6896  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:59:52.0001 6896  clr_optimization_v4.0.30319_32 - ok
08:59:52.0017 6896  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:59:52.0032 6896  CmBatt - ok
08:59:52.0079 6896  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:59:52.0095 6896  cmdide - ok
08:59:52.0141 6896  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
08:59:52.0188 6896  CNG - ok
08:59:52.0219 6896  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:59:52.0235 6896  Compbatt - ok
08:59:52.0235 6896  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:59:52.0282 6896  CompositeBus - ok
08:59:52.0282 6896  COMSysApp - ok
08:59:52.0313 6896  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:59:52.0329 6896  crcdisk - ok
08:59:52.0375 6896  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:59:52.0422 6896  CryptSvc - ok
08:59:52.0469 6896  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:59:52.0531 6896  DcomLaunch - ok
08:59:52.0563 6896  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
08:59:52.0609 6896  defragsvc - ok
08:59:52.0641 6896  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:59:52.0672 6896  DfsC - ok
08:59:52.0703 6896  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:59:52.0781 6896  Dhcp - ok
08:59:52.0797 6896  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
08:59:52.0828 6896  discache - ok
08:59:52.0859 6896  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:59:52.0875 6896  Disk - ok
08:59:52.0921 6896  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:59:52.0984 6896  Dnscache - ok
08:59:52.0999 6896  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:59:53.0046 6896  dot3svc - ok
08:59:53.0077 6896  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
08:59:53.0124 6896  DPS - ok
08:59:53.0140 6896  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:59:53.0171 6896  drmkaud - ok
08:59:53.0218 6896  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:59:53.0296 6896  DXGKrnl - ok
08:59:53.0311 6896  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
08:59:53.0389 6896  EapHost - ok
08:59:53.0483 6896  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
08:59:53.0623 6896  ebdrv - ok
08:59:53.0655 6896  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
08:59:53.0717 6896  EFS - ok
08:59:53.0795 6896  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:59:53.0857 6896  ehRecvr - ok
08:59:53.0873 6896  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
08:59:53.0889 6896  ehSched - ok
08:59:53.0904 6896  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:59:53.0935 6896  elxstor - ok
08:59:53.0998 6896  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:59:54.0154 6896  ErrDev - ok
08:59:54.0247 6896  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
08:59:54.0372 6896  EventSystem - ok
08:59:54.0388 6896  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
08:59:54.0419 6896  exfat - ok
08:59:54.0481 6896  Fabs - ok
08:59:54.0497 6896  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:59:54.0591 6896  fastfat - ok
08:59:54.0637 6896  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
08:59:54.0684 6896  Fax - ok
08:59:54.0715 6896  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:59:54.0731 6896  fdc - ok
08:59:54.0747 6896  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
08:59:54.0778 6896  fdPHost - ok
08:59:54.0778 6896  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
08:59:54.0825 6896  FDResPub - ok
08:59:54.0840 6896  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:59:54.0856 6896  FileInfo - ok
08:59:54.0856 6896  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:59:54.0887 6896  Filetrace - ok
08:59:54.0981 6896  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
08:59:55.0105 6896  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
08:59:55.0105 6896  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
08:59:55.0215 6896  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:59:55.0246 6896  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
08:59:55.0246 6896  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
08:59:55.0277 6896  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:59:55.0293 6896  flpydisk - ok
08:59:55.0324 6896  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:59:55.0339 6896  FltMgr - ok
08:59:55.0402 6896  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
08:59:55.0464 6896  FontCache - ok
08:59:55.0495 6896  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:59:55.0511 6896  FontCache3.0.0.0 - ok
08:59:55.0527 6896  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:59:55.0558 6896  FsDepends - ok
08:59:55.0573 6896  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:59:55.0620 6896  Fs_Rec - ok
08:59:55.0651 6896  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:59:55.0683 6896  fvevol - ok
08:59:55.0698 6896  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:59:55.0729 6896  gagp30kx - ok
08:59:55.0776 6896  [ 4567DF06B17498B8A904DEA8C7317E12 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
08:59:55.0823 6896  GDBehave - ok
08:59:55.0854 6896  [ C6B2EDED229BEAF579F5207D7BE39871 ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
08:59:55.0901 6896  GDMnIcpt - ok
08:59:55.0917 6896  [ 30FB73EA7391466051765C7D471EC750 ] GdNetMon        C:\Windows\system32\drivers\GdNetMon32.sys
08:59:55.0932 6896  GdNetMon - ok
08:59:55.0979 6896  [ A5716FA3620627AC950630420D6018CF ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
08:59:56.0041 6896  GDPkIcpt - ok
08:59:56.0104 6896  [ 64332A2301496B226F0D07DDE8CA2BBC ] GDScan          C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
08:59:56.0135 6896  GDScan - ok
08:59:56.0135 6896  [ B059DA278101E80ABE60427B6B793F31 ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd32.sys
08:59:56.0151 6896  gdwfpcd - ok
08:59:56.0197 6896  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:59:56.0244 6896  GEARAspiWDM - ok
08:59:56.0322 6896  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
08:59:56.0369 6896  GoogleDesktopManager-051210-111108 - ok
08:59:56.0416 6896  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:59:56.0494 6896  gpsvc - ok
08:59:56.0556 6896  [ F852B577F4C55AEAA91E0640A8D5C7F2 ] GRD             C:\Windows\system32\drivers\GRD.sys
08:59:56.0587 6896  GRD - ok
08:59:56.0619 6896  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:59:56.0650 6896  hcw85cir - ok
08:59:56.0681 6896  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:59:56.0728 6896  HdAudAddService - ok
08:59:56.0853 6896  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
08:59:56.0977 6896  HDAudBus - ok
08:59:56.0993 6896  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:59:57.0040 6896  HidBatt - ok
08:59:57.0055 6896  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:59:57.0087 6896  HidBth - ok
08:59:57.0118 6896  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:59:57.0149 6896  HidIr - ok
08:59:57.0165 6896  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
08:59:57.0196 6896  hidserv - ok
08:59:57.0243 6896  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:59:57.0305 6896  HidUsb - ok
08:59:57.0336 6896  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:59:57.0399 6896  hkmsvc - ok
08:59:57.0430 6896  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:59:57.0492 6896  HomeGroupListener - ok
08:59:57.0539 6896  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:59:57.0601 6896  HomeGroupProvider - ok
08:59:57.0648 6896  [ 5E541135A41F4C4C77D68C288FF10837 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
08:59:57.0679 6896  HookCentre - ok
08:59:57.0695 6896  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:59:57.0711 6896  HpSAMD - ok
08:59:57.0773 6896  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:59:57.0851 6896  HTTP - ok
08:59:57.0882 6896  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:59:57.0929 6896  hwpolicy - ok
08:59:57.0960 6896  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:59:58.0023 6896  i8042prt - ok
08:59:58.0069 6896  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:59:58.0116 6896  iaStorV - ok
08:59:58.0179 6896  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
08:59:58.0194 6896  IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:59:58.0194 6896  IDriverT - detected UnsignedFile.Multi.Generic (1)
08:59:58.0272 6896  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:59:58.0319 6896  idsvc - ok
08:59:58.0381 6896  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:59:58.0413 6896  iirsp - ok
08:59:58.0444 6896  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
08:59:58.0506 6896  IKEEXT - ok
08:59:58.0553 6896  [ 97FA95E4F486F37D60AD3744D86F3D7E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:59:58.0662 6896  IntcAzAudAddService - ok
08:59:58.0678 6896  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
08:59:58.0693 6896  intelide - ok
08:59:58.0725 6896  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:59:58.0756 6896  intelppm - ok
08:59:58.0756 6896  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:59:58.0803 6896  IPBusEnum - ok
08:59:58.0803 6896  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:59:58.0849 6896  IpFilterDriver - ok
08:59:58.0881 6896  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:59:58.0927 6896  iphlpsvc - ok
08:59:58.0974 6896  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:59:59.0021 6896  IPMIDRV - ok
08:59:59.0037 6896  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:59:59.0099 6896  IPNAT - ok
08:59:59.0177 6896  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:59:59.0224 6896  iPod Service - ok
08:59:59.0239 6896  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:59:59.0255 6896  IRENUM - ok
08:59:59.0271 6896  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:59:59.0286 6896  isapnp - ok
08:59:59.0395 6896  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:59:59.0458 6896  iScsiPrt - ok
08:59:59.0473 6896  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:59:59.0489 6896  kbdclass - ok
08:59:59.0505 6896  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:59:59.0536 6896  kbdhid - ok
08:59:59.0536 6896  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
08:59:59.0567 6896  KeyIso - ok
08:59:59.0676 6896  [ 162A5E3A691B903111526147C8D29E6D ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
08:59:59.0739 6896  Kodak AiO Network Discovery Service - ok
08:59:59.0801 6896  [ B5E53FCA219A6491E9A1BA146A5D2452 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
08:59:59.0848 6896  Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - warning
08:59:59.0848 6896  Kodak AiO Status Monitor Service - detected UnsignedFile.Multi.Generic (1)
08:59:59.0895 6896  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:59:59.0957 6896  KSecDD - ok
08:59:59.0988 6896  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:00:00.0051 6896  KSecPkg - ok
09:00:00.0082 6896  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:00:00.0129 6896  KtmRm - ok
09:00:00.0160 6896  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:00:00.0191 6896  LanmanServer - ok
09:00:00.0238 6896  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:00:00.0285 6896  LanmanWorkstation - ok
09:00:00.0316 6896  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:00:00.0378 6896  lltdio - ok
09:00:00.0409 6896  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:00:00.0441 6896  lltdsvc - ok
09:00:00.0441 6896  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:00:00.0472 6896  lmhosts - ok
09:00:00.0487 6896  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:00:00.0503 6896  LSI_FC - ok
09:00:00.0534 6896  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:00:00.0550 6896  LSI_SAS - ok
09:00:00.0565 6896  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:00:00.0597 6896  LSI_SAS2 - ok
09:00:00.0612 6896  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:00:00.0628 6896  LSI_SCSI - ok
09:00:00.0643 6896  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
09:00:00.0675 6896  luafv - ok
09:00:00.0706 6896  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:00:00.0753 6896  Mcx2Svc - ok
09:00:00.0784 6896  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:00:00.0815 6896  megasas - ok
09:00:00.0831 6896  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:00:00.0846 6896  MegaSR - ok
09:00:00.0846 6896  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
09:00:00.0893 6896  MMCSS - ok
09:00:00.0909 6896  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
09:00:00.0987 6896  Modem - ok
09:00:01.0002 6896  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:00:01.0033 6896  monitor - ok
09:00:01.0080 6896  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:00:01.0127 6896  mouclass - ok
09:00:01.0143 6896  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:00:01.0158 6896  mouhid - ok
09:00:01.0189 6896  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:00:01.0236 6896  mountmgr - ok
09:00:01.0283 6896  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:00:01.0330 6896  MozillaMaintenance - ok
09:00:01.0361 6896  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:00:01.0392 6896  mpio - ok
09:00:01.0408 6896  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:00:01.0455 6896  mpsdrv - ok
09:00:01.0486 6896  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:00:01.0533 6896  MpsSvc - ok
09:00:01.0579 6896  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:00:01.0611 6896  MRxDAV - ok
09:00:01.0657 6896  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:00:01.0720 6896  mrxsmb - ok
09:00:01.0767 6896  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:00:01.0798 6896  mrxsmb10 - ok
09:00:01.0813 6896  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:00:01.0829 6896  mrxsmb20 - ok
09:00:01.0860 6896  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
09:00:01.0876 6896  msahci - ok
09:00:01.0891 6896  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:00:01.0923 6896  msdsm - ok
09:00:01.0938 6896  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
09:00:01.0969 6896  MSDTC - ok
09:00:01.0969 6896  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:00:02.0001 6896  Msfs - ok
09:00:02.0016 6896  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:00:02.0094 6896  mshidkmdf - ok
09:00:02.0125 6896  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:00:02.0141 6896  msisadrv - ok
09:00:02.0172 6896  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:00:02.0203 6896  MSiSCSI - ok
09:00:02.0203 6896  msiserver - ok
09:00:02.0235 6896  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:00:02.0266 6896  MSKSSRV - ok
09:00:02.0281 6896  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:00:02.0313 6896  MSPCLOCK - ok
09:00:02.0313 6896  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:00:02.0344 6896  MSPQM - ok
09:00:02.0359 6896  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:00:02.0391 6896  MsRPC - ok
09:00:02.0406 6896  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:00:02.0422 6896  mssmbios - ok
09:00:02.0500 6896  MSSQL$SONY_MEDIAMGR2 - ok
09:00:02.0562 6896  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
09:00:02.0609 6896  MSSQLServerADHelper - ok
09:00:02.0609 6896  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:00:02.0640 6896  MSTEE - ok
09:00:02.0640 6896  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:00:02.0671 6896  MTConfig - ok
09:00:02.0687 6896  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:00:02.0703 6896  Mup - ok
09:00:02.0749 6896  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
09:00:02.0796 6896  napagent - ok
09:00:02.0827 6896  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:00:02.0859 6896  NativeWifiP - ok
09:00:02.0905 6896  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:00:02.0937 6896  NDIS - ok
09:00:02.0952 6896  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:00:02.0999 6896  NdisCap - ok
09:00:03.0015 6896  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:00:03.0046 6896  NdisTapi - ok
09:00:03.0093 6896  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:00:03.0171 6896  Ndisuio - ok
09:00:03.0202 6896  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:00:03.0233 6896  NdisWan - ok
09:00:03.0264 6896  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:00:03.0295 6896  NDProxy - ok
09:00:03.0295 6896  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:00:03.0327 6896  NetBIOS - ok
09:00:03.0373 6896  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:00:03.0467 6896  NetBT - ok
09:00:03.0483 6896  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
09:00:03.0623 6896  Netlogon - ok
09:00:03.0654 6896  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
09:00:03.0701 6896  Netman - ok
09:00:03.0701 6896  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
09:00:03.0763 6896  netprofm - ok
09:00:03.0795 6896  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:00:03.0810 6896  NetTcpPortSharing - ok
09:00:03.0841 6896  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:00:03.0873 6896  nfrd960 - ok
09:00:03.0919 6896  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:00:04.0013 6896  NlaSvc - ok
09:00:04.0029 6896  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:00:04.0060 6896  Npfs - ok
09:00:04.0060 6896  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
09:00:04.0107 6896  nsi - ok
09:00:04.0107 6896  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:00:04.0138 6896  nsiproxy - ok
09:00:04.0216 6896  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:00:04.0294 6896  Ntfs - ok
09:00:04.0309 6896  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
09:00:04.0341 6896  Null - ok
09:00:04.0387 6896  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:00:04.0450 6896  nvraid - ok
09:00:04.0465 6896  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:00:04.0497 6896  nvstor - ok
09:00:04.0512 6896  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:00:04.0528 6896  nv_agp - ok
09:00:04.0575 6896  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:00:04.0637 6896  ohci1394 - ok
09:00:04.0684 6896  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:00:04.0731 6896  ose - ok
09:00:04.0871 6896  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:00:05.0027 6896  osppsvc - ok
09:00:05.0043 6896  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:00:05.0089 6896  p2pimsvc - ok
09:00:05.0136 6896  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:00:05.0183 6896  p2psvc - ok
09:00:05.0214 6896  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:00:05.0261 6896  Parport - ok
09:00:05.0292 6896  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:00:05.0323 6896  partmgr - ok
09:00:05.0323 6896  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
09:00:05.0355 6896  Parvdm - ok
09:00:05.0370 6896  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:00:05.0386 6896  PcaSvc - ok
09:00:05.0401 6896  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
09:00:05.0433 6896  pci - ok
09:00:05.0448 6896  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
09:00:05.0464 6896  pciide - ok
09:00:05.0495 6896  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:00:05.0526 6896  pcmcia - ok
09:00:05.0542 6896  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
09:00:05.0557 6896  pcw - ok
09:00:05.0573 6896  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:00:05.0620 6896  PEAUTH - ok
09:00:05.0667 6896  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
09:00:05.0745 6896  pla - ok
09:00:05.0776 6896  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:00:05.0854 6896  PlugPlay - ok
09:00:05.0869 6896  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:00:05.0885 6896  PNRPAutoReg - ok
09:00:05.0901 6896  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:00:05.0916 6896  PNRPsvc - ok
09:00:05.0932 6896  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:00:05.0994 6896  PolicyAgent - ok
09:00:06.0025 6896  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
09:00:06.0057 6896  Power - ok
09:00:06.0072 6896  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:00:06.0119 6896  PptpMiniport - ok
09:00:06.0135 6896  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:00:06.0166 6896  Processor - ok
09:00:06.0197 6896  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
09:00:06.0275 6896  ProfSvc - ok
09:00:06.0291 6896  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:00:06.0306 6896  ProtectedStorage - ok
09:00:06.0337 6896  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:00:06.0369 6896  Psched - ok
09:00:06.0415 6896  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
09:00:06.0462 6896  PSI_SVC_2 - ok
09:00:06.0509 6896  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
09:00:06.0556 6896  PxHelp20 - ok
09:00:06.0587 6896  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:00:06.0634 6896  ql2300 - ok
09:00:06.0649 6896  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:00:06.0681 6896  ql40xx - ok
09:00:06.0696 6896  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
09:00:06.0727 6896  QWAVE - ok
09:00:06.0743 6896  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:00:06.0774 6896  QWAVEdrv - ok
09:00:06.0774 6896  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:00:06.0805 6896  RasAcd - ok
09:00:06.0821 6896  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:00:06.0852 6896  RasAgileVpn - ok
09:00:06.0852 6896  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
09:00:06.0883 6896  RasAuto - ok
09:00:06.0899 6896  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:00:06.0946 6896  Rasl2tp - ok
09:00:06.0961 6896  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
09:00:07.0008 6896  RasMan - ok
09:00:07.0024 6896  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:00:07.0071 6896  RasPppoe - ok
09:00:07.0086 6896  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:00:07.0117 6896  RasSstp - ok
09:00:07.0133 6896  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:00:07.0164 6896  rdbss - ok
09:00:07.0180 6896  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:00:07.0211 6896  rdpbus - ok
09:00:07.0242 6896  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:00:07.0305 6896  RDPCDD - ok
09:00:07.0336 6896  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:00:07.0367 6896  RDPENCDD - ok
09:00:07.0367 6896  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:00:07.0398 6896  RDPREFMP - ok
09:00:07.0429 6896  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:00:07.0492 6896  RDPWD - ok
09:00:07.0523 6896  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:00:07.0585 6896  rdyboost - ok
09:00:07.0601 6896  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:00:07.0663 6896  RemoteAccess - ok
09:00:07.0663 6896  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:00:07.0695 6896  RemoteRegistry - ok
09:00:07.0726 6896  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:00:07.0757 6896  RFCOMM - ok
09:00:07.0804 6896  [ 0F6756EF8BDA6DFA7BE50465C83132BB ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
09:00:07.0866 6896  RimUsb - ok
09:00:07.0882 6896  [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial.sys
09:00:07.0913 6896  RimVSerPort - ok
09:00:07.0929 6896  [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
09:00:07.0960 6896  ROOTMODEM - ok
09:00:07.0991 6896  [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
09:00:08.0007 6896  Roxio UPnP Renderer 9 - ok
09:00:08.0038 6896  [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
09:00:08.0069 6896  Roxio Upnp Server 9 - ok
09:00:08.0131 6896  [ 6BD6D7EFEC6ECED723F186E3BFCC74E9 ] RoxLiveShare9   C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
09:00:08.0194 6896  RoxLiveShare9 - ok
09:00:08.0209 6896  [ 7F2C88BCC5EF2A896E4827F33CCCA843 ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
09:00:08.0256 6896  RoxMediaDB9 - ok
09:00:08.0303 6896  [ 26C4A8AD3E75679B66FC0A6D3BB6BE2A ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
09:00:08.0319 6896  RoxWatch9 - ok
09:00:08.0319 6896  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:00:08.0365 6896  RpcEptMapper - ok
09:00:08.0381 6896  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
09:00:08.0412 6896  RpcLocator - ok
09:00:08.0443 6896  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
09:00:08.0475 6896  RpcSs - ok
09:00:08.0475 6896  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:00:08.0521 6896  rspndr - ok
09:00:08.0615 6896  [ D5EDE44CA85899E0478208C8413C1C31 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
09:00:08.0662 6896  RTL8167 - ok
09:00:08.0693 6896  [ 9CE8DEFFAFFCCBF473015D76AE8EE514 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
09:00:08.0724 6896  RTL8192su - ok
09:00:08.0802 6896  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
09:00:08.0849 6896  SamSs - ok
09:00:08.0896 6896  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:00:08.0943 6896  sbp2port - ok
09:00:08.0958 6896  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:00:08.0989 6896  SCardSvr - ok
09:00:09.0005 6896  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:00:09.0036 6896  scfilter - ok
09:00:09.0083 6896  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
09:00:09.0161 6896  Schedule - ok
09:00:09.0192 6896  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:00:09.0239 6896  SCPolicySvc - ok
09:00:09.0270 6896  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:00:09.0301 6896  SDRSVC - ok
09:00:09.0317 6896  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:00:09.0348 6896  secdrv - ok
09:00:09.0348 6896  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
09:00:09.0395 6896  seclogon - ok
09:00:09.0411 6896  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
09:00:09.0442 6896  SENS - ok
09:00:09.0442 6896  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:00:09.0473 6896  SensrSvc - ok
09:00:09.0504 6896  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:00:09.0582 6896  Serenum - ok
09:00:09.0613 6896  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:00:09.0629 6896  Serial - ok
09:00:09.0660 6896  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:00:09.0676 6896  sermouse - ok
09:00:09.0707 6896  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:00:09.0769 6896  SessionEnv - ok
09:00:09.0801 6896  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:00:09.0879 6896  sffdisk - ok
09:00:09.0894 6896  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:00:09.0941 6896  sffp_mmc - ok
09:00:09.0957 6896  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:00:09.0988 6896  sffp_sd - ok
09:00:10.0003 6896  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:00:10.0035 6896  sfloppy - ok
09:00:10.0066 6896  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:00:10.0175 6896  SharedAccess - ok
09:00:10.0206 6896  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:00:10.0237 6896  ShellHWDetection - ok
09:00:10.0253 6896  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:00:10.0284 6896  sisagp - ok
09:00:10.0300 6896  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:00:10.0331 6896  SiSRaid2 - ok
09:00:10.0347 6896  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:00:10.0362 6896  SiSRaid4 - ok
09:00:10.0393 6896  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:00:10.0425 6896  Smb - ok
09:00:10.0440 6896  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:00:10.0471 6896  SNMPTRAP - ok
09:00:10.0534 6896  sony_ssm.sys - ok
09:00:10.0549 6896  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:00:10.0581 6896  spldr - ok
09:00:10.0612 6896  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
09:00:10.0674 6896  Spooler - ok
09:00:10.0783 6896  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
09:00:10.0846 6896  sppsvc - ok
09:00:10.0877 6896  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:00:10.0971 6896  sppuinotify - ok
09:00:11.0002 6896  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:00:11.0033 6896  SQLBrowser - ok
09:00:11.0080 6896  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:00:11.0127 6896  SQLWriter - ok
09:00:11.0158 6896  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:00:11.0205 6896  srv - ok
09:00:11.0220 6896  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:00:11.0267 6896  srv2 - ok
09:00:11.0283 6896  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:00:11.0298 6896  srvnet - ok
09:00:11.0314 6896  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:00:11.0392 6896  SSDPSRV - ok
09:00:11.0423 6896  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:00:11.0454 6896  SstpSvc - ok
09:00:11.0485 6896  Steam Client Service - ok
09:00:11.0501 6896  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:00:11.0548 6896  stexstor - ok
09:00:11.0595 6896  [ EDB05BD63148796F23EA78506404A538 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
09:00:11.0641 6896  StillCam - ok
09:00:11.0688 6896  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
09:00:11.0751 6896  StiSvc - ok
09:00:11.0766 6896  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:00:11.0797 6896  swenum - ok
09:00:11.0813 6896  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
09:00:11.0891 6896  swprv - ok
09:00:11.0938 6896  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
09:00:11.0985 6896  SysMain - ok
09:00:12.0000 6896  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:00:12.0031 6896  TabletInputService - ok
09:00:12.0234 6896  [ 1FF41723B6CF6EF0D2456691B75131BB ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
09:00:12.0343 6896  TabletServicePen - ok
09:00:12.0375 6896  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:00:12.0406 6896  TapiSrv - ok
09:00:12.0421 6896  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
09:00:12.0453 6896  TBS - ok
09:00:12.0531 6896  [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:00:12.0609 6896  Tcpip - ok
09:00:12.0655 6896  [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:00:12.0687 6896  TCPIP6 - ok
09:00:12.0702 6896  [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:00:12.0733 6896  tcpipreg - ok
09:00:12.0765 6896  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:00:12.0811 6896  TDPIPE - ok
09:00:12.0858 6896  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:00:12.0936 6896  TDTCP - ok
09:00:12.0952 6896  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:00:12.0999 6896  tdx - ok
09:00:13.0014 6896  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:00:13.0030 6896  TermDD - ok
09:00:13.0061 6896  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
09:00:13.0108 6896  TermService - ok
09:00:13.0123 6896  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
09:00:13.0139 6896  Themes - ok
09:00:13.0155 6896  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
09:00:13.0186 6896  THREADORDER - ok
09:00:13.0217 6896  [ C17EA46C3326A951DC3B8E883D661E0C ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
09:00:13.0279 6896  TouchServicePen - ok
09:00:13.0279 6896  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
09:00:13.0311 6896  TrkWks - ok
09:00:13.0342 6896  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:00:13.0404 6896  TrustedInstaller - ok
09:00:13.0404 6896  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:00:13.0435 6896  tssecsrv - ok
09:00:13.0451 6896  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:00:13.0482 6896  TsUsbFlt - ok
09:00:13.0529 6896  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:00:13.0607 6896  tunnel - ok
09:00:13.0638 6896  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:00:13.0654 6896  uagp35 - ok
09:00:13.0701 6896  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:00:13.0732 6896  udfs - ok
09:00:13.0747 6896  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:00:13.0763 6896  UI0Detect - ok
09:00:13.0810 6896  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:00:13.0857 6896  uliagpkx - ok
09:00:13.0888 6896  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
09:00:13.0935 6896  umbus - ok
09:00:13.0966 6896  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:00:14.0044 6896  UmPass - ok
09:00:14.0059 6896  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
09:00:14.0106 6896  upnphost - ok
09:00:14.0122 6896  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:00:14.0137 6896  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
09:00:14.0137 6896  USBAAPL - detected UnsignedFile.Multi.Generic (1)
09:00:14.0153 6896  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:00:14.0169 6896  usbccgp - ok
09:00:14.0200 6896  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:00:14.0231 6896  usbcir - ok
09:00:14.0247 6896  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:00:14.0262 6896  usbehci - ok
09:00:14.0309 6896  [ 19999CA8E83F16D271AFC467B84718D7 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
09:00:14.0340 6896  usbfilter - ok
09:00:14.0356 6896  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:00:14.0403 6896  usbhub - ok
09:00:14.0434 6896  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:00:14.0465 6896  usbohci - ok
09:00:14.0496 6896  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:00:14.0543 6896  usbprint - ok
09:00:14.0574 6896  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:00:14.0621 6896  usbscan - ok
09:00:14.0637 6896  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:00:14.0652 6896  USBSTOR - ok
09:00:14.0683 6896  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:00:14.0699 6896  usbuhci - ok
09:00:14.0730 6896  [ 7764D99877E27436E95E4734624C9B45 ] UserAccess7     C:\Windows\system32\UAService7.exe
09:00:14.0746 6896  UserAccess7 ( UnsignedFile.Multi.Generic ) - warning
09:00:14.0746 6896  UserAccess7 - detected UnsignedFile.Multi.Generic (1)
09:00:14.0761 6896  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
09:00:14.0793 6896  UxSms - ok
09:00:14.0793 6896  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
09:00:14.0808 6896  VaultSvc - ok
09:00:14.0824 6896  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:00:14.0839 6896  vdrvroot - ok
09:00:14.0871 6896  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
09:00:14.0917 6896  vds - ok
09:00:14.0917 6896  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:00:14.0949 6896  vga - ok
09:00:14.0949 6896  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:00:14.0980 6896  VgaSave - ok
09:00:14.0995 6896  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:00:15.0027 6896  vhdmp - ok
09:00:15.0042 6896  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:00:15.0058 6896  viaagp - ok
09:00:15.0073 6896  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
09:00:15.0105 6896  ViaC7 - ok
09:00:15.0120 6896  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
09:00:15.0136 6896  viaide - ok
09:00:15.0151 6896  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:00:15.0167 6896  volmgr - ok
09:00:15.0183 6896  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:00:15.0214 6896  volmgrx - ok
09:00:15.0214 6896  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:00:15.0245 6896  volsnap - ok
09:00:15.0276 6896  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:00:15.0323 6896  vsmraid - ok
09:00:15.0385 6896  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
09:00:15.0495 6896  VSS - ok
09:00:15.0495 6896  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:00:15.0510 6896  vwifibus - ok
09:00:15.0541 6896  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:00:15.0557 6896  vwififlt - ok
09:00:15.0573 6896  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
09:00:15.0619 6896  W32Time - ok
09:00:15.0666 6896  [ C3B03ED7B06657A3355F620BC02ACFB6 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
09:00:15.0697 6896  wacmoumonitor - ok
09:00:15.0729 6896  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
09:00:15.0760 6896  wacommousefilter - ok
09:00:15.0775 6896  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:00:15.0807 6896  WacomPen - ok
09:00:15.0853 6896  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
09:00:15.0885 6896  wacomvhid - ok
09:00:15.0916 6896  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:00:15.0947 6896  WANARP - ok
09:00:15.0947 6896  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:00:15.0978 6896  Wanarpv6 - ok
09:00:16.0009 6896  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
09:00:16.0056 6896  wbengine - ok
09:00:16.0072 6896  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:00:16.0103 6896  WbioSrvc - ok
09:00:16.0119 6896  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:00:16.0150 6896  wcncsvc - ok
09:00:16.0165 6896  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:00:16.0181 6896  WcsPlugInService - ok
09:00:16.0212 6896  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:00:16.0228 6896  Wd - ok
09:00:16.0259 6896  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:00:16.0275 6896  Wdf01000 - ok
09:00:16.0290 6896  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:00:16.0321 6896  WdiServiceHost - ok
09:00:16.0321 6896  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:00:16.0337 6896  WdiSystemHost - ok
09:00:16.0384 6896  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
09:00:16.0431 6896  WebClient - ok
09:00:16.0446 6896  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:00:16.0477 6896  Wecsvc - ok
09:00:16.0493 6896  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:00:16.0540 6896  wercplsupport - ok
09:00:16.0571 6896  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:00:16.0618 6896  WerSvc - ok
09:00:16.0633 6896  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:00:16.0665 6896  WfpLwf - ok
09:00:16.0680 6896  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:00:16.0696 6896  WIMMount - ok
09:00:16.0743 6896  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:00:16.0821 6896  WinDefend - ok
09:00:16.0836 6896  WinHttpAutoProxySvc - ok
09:00:16.0883 6896  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:00:16.0992 6896  Winmgmt - ok
09:00:17.0055 6896  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
09:00:17.0133 6896  WinRM - ok
09:00:17.0179 6896  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:00:17.0195 6896  WinUsb - ok
09:00:17.0226 6896  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:00:17.0257 6896  Wlansvc - ok
09:00:17.0335 6896  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:00:17.0413 6896  wlidsvc - ok
09:00:17.0460 6896  [ 588C1DF21321EC51EEBFF2C8909D1587 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
09:00:17.0554 6896  WmBEnum - ok
09:00:17.0601 6896  [ 3B45B7BFD513D3313E895D187849E3A3 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
09:00:17.0616 6896  WmFilter - ok
09:00:17.0663 6896  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:00:17.0694 6896  WmiAcpi - ok
09:00:17.0710 6896  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:00:17.0741 6896  wmiApSrv - ok
09:00:17.0819 6896  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:00:17.0866 6896  WMPNetworkSvc - ok
09:00:17.0913 6896  [ FE7D6991FD5894F06AAE95DC78E79948 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
09:00:17.0944 6896  WmVirHid - ok
09:00:17.0959 6896  [ DCBB4688EE775912444B9010CD3FE9B6 ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
09:00:17.0975 6896  WmXlCore - ok
09:00:17.0991 6896  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:00:18.0006 6896  WPCSvc - ok
09:00:18.0037 6896  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:00:18.0084 6896  WPDBusEnum - ok
09:00:18.0115 6896  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:00:18.0178 6896  ws2ifsl - ok
09:00:18.0193 6896  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:00:18.0225 6896  wscsvc - ok
09:00:18.0225 6896  WSearch - ok
09:00:18.0318 6896  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
09:00:18.0412 6896  wuauserv - ok
09:00:18.0443 6896  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:00:18.0474 6896  WudfPf - ok
09:00:18.0505 6896  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:00:18.0583 6896  WUDFRd - ok
09:00:18.0599 6896  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:00:18.0630 6896  wudfsvc - ok
09:00:18.0630 6896  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:00:18.0677 6896  WwanSvc - ok
09:00:18.0724 6896  [ 276842A27953BE204A2507096F09B1F3 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
09:00:18.0771 6896  xusb21 - ok
09:00:18.0786 6896  ================ Scan global ===============================
09:00:18.0817 6896  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:00:18.0833 6896  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
09:00:18.0849 6896  [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
09:00:18.0880 6896  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:00:18.0911 6896  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:00:18.0911 6896  [Global] - ok
09:00:18.0911 6896  ================ Scan MBR ==================================
09:00:18.0927 6896  [ 6F053CE44510D4BA204AFC85893BC5C5 ] \Device\Harddisk0\DR0
09:00:21.0376 6896  \Device\Harddisk0\DR0 - ok
09:00:21.0376 6896  ================ Scan VBR ==================================
09:00:21.0407 6896  [ 438B8AA94C3D5738C3897D86C64CC5F2 ] \Device\Harddisk0\DR0\Partition1
09:00:21.0407 6896  \Device\Harddisk0\DR0\Partition1 - ok
09:00:21.0423 6896  [ 0B2E93EDBA7733630077AC30C39DDB1D ] \Device\Harddisk0\DR0\Partition2
09:00:21.0423 6896  \Device\Harddisk0\DR0\Partition2 - ok
09:00:21.0454 6896  [ 91206A8CAAAC29F9BBA702DA143937E9 ] \Device\Harddisk0\DR0\Partition3
09:00:21.0454 6896  \Device\Harddisk0\DR0\Partition3 - ok
09:00:21.0454 6896  ============================================================
09:00:21.0454 6896  Scan finished
09:00:21.0454 6896  ============================================================
09:00:21.0469 9072  Detected object count: 7
09:00:21.0469 9072  Actual detected object count: 7
09:00:42.0389 9072  AODDriver4.01 ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  AODDriver4.01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:42.0389 9072  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:42.0389 9072  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:42.0389 9072  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:42.0389 9072  Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:42.0389 9072  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:42.0389 9072  UserAccess7 ( UnsignedFile.Multi.Generic ) - skipped by user
09:00:42.0389 9072  UserAccess7 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:00:50.0907 9940  Deinitialize success

mfG, Turamber

cosinus · 28.10.2012, 12:06

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Scans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

turambar · 28.10.2012, 19:10

Malwarebytes:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.28.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Friedel :: WHEATLEY [Administrator]

28.10.2012 12:46:31
mbam-log-2012-10-28 (12-46-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214549
Laufzeit: 5 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

...und SuperAntiSpyware:

Code:

ATTFilter

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/28/2012 at 05:18 PM

Application Version : 5.6.1012

Core Rules Database Version : 9485
Trace Rules Database Version: 7297

Scan type       : Complete Scan
Total Scan Time : 04:21:41

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 919
Memory threats detected   : 0
Registry items scanned    : 41217
Registry threats detected : 0
File items scanned        : 264909
File threats detected     : 193

Adware.Tracking Cookie
	C:\USERS\FRIEDEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\friedel@interclick[1].txt [ Cookie:friedel@interclick.com/ ]
	C:\USERS\FRIEDEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\friedel@eas4.emediate[1].txt [ Cookie:friedel@eas4.emediate.eu/ ]
	C:\USERS\FRIEDEL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\FRIEDEL@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
	eas.apm.emediate.eu [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.media.photobucket.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	dc.tremormedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.smileycentral.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.server.cpmstar.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.digitalcameratracker.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adinterax.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adinterax.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	stats.gamestop.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.trackmill.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adtechus.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	int.sitestat.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	int.sitestat.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	int.sitestat.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.bagfinder.lowepro.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	int.sitestat.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wnloenajabp.stats.esomniture.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6aekyeiazkap.stats.esomniture.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.sonyeurope.112.2o7.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.mediafire.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.ad.mlnadvertising.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	tomtailor.dyntracker.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.kontera.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.advertstream.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	ad.adserver01.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\FRIEDEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1XPEKQA.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-FraudTool[Tiny]
	C:\_OTL\MOVEDFILES\10262012_191200\C_USERS\FRIEDEL\APPDATA\ROAMING\.#\MBX@11AC@17A2770.###
	C:\_OTL\MOVEDFILES\10262012_191200\C_USERS\FRIEDEL\APPDATA\ROAMING\.#\MBX@1470@1952770.###
	C:\_OTL\MOVEDFILES\10262012_191200\C_USERS\FRIEDEL\APPDATA\ROAMING\.#\MBX@1624@722770.###
	C:\_OTL\MOVEDFILES\10262012_191200\C_USERS\FRIEDEL\APPDATA\ROAMING\.#\MBX@FE0@1772770.###

cosinus · 29.10.2012, 09:16

Sieht ok aus, da wurden nur Cookies und von OTL isolierte Objekte gefunden, die können alle weg.
Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

turambar · 29.10.2012, 13:53

Das Rechner funktioniert wieder, keine Fehler, alles läuft wieder wie geschmiert

Vielen Dank für die Hilfe und den damit verbundenen Zeitaufwand!

cosinus · 29.10.2012, 14:27

Dann wären wir durch!

Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen:

Starte bitte OTL und klicke auf Bereinigung.
Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.

Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Scan machen, aber immer vorher ans Update denken.

Es empfiehlt sich auf jeden Fall nach der beseitigten Infektion auch möglichst alle Passwörter zu ändern.

Abschließend ein ganz wichtiger Punkt: Absicherung des Rechners, aktualisieren der Programme siehe http://www.trojaner-board.de/96344-a...tml#post627442

28.10.2012, 12:06	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"Webseite kann nicht angezeigt werden" bei Windows 7 Boot Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Scans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! __________________ Logfiles bitte immer in CODE-Tags posten

"Webseite kann nicht angezeigt werden" bei Windows 7 Boot

Plagegeister aller Art und deren Bekämpfung: "Webseite kann nicht angezeigt werden" bei Windows 7 Boot