Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: AOL Mailadresse verschickt Spam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.05.2013, 22:08   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.05.2013, 21:41   #17
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Der Scan von aswmbr ist leider abgebrochen, soll ich es jetzt mit der Einstellung none versuchen?
__________________


Alt 21.05.2013, 22:05   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Ja so stehts in der Anleitung
__________________
__________________

Alt 22.05.2013, 20:39   #19
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Hallo,

der logfile von aswmbr ist:

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-22 21:23:32
-----------------------------
21:23:32.220    OS Version: Windows 6.1.7601 Service Pack 1
21:23:32.220    Number of processors: 2 586 0xF06
21:23:32.235    ComputerName: ANGELA-NOTEBOOK  UserName: Angela
21:23:36.619    Initialize success
21:23:51.610    AVAST engine defs: 13052101
21:24:13.216    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
21:24:13.232    Disk 0 Vendor: ST9250410ASG 0002SDM1 Size: 238475MB BusType: 11
21:24:13.326    Disk 0 MBR read successfully
21:24:13.326    Disk 0 MBR scan
21:24:13.388    Disk 0 Windows 7 default MBR code
21:24:13.404    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
21:24:13.435    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        99899 MB offset 206848
21:24:13.450    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       138473 MB offset 204800000
21:24:13.466    Disk 0 scanning sectors +488392704
21:24:13.575    Disk 0 scanning C:\Windows\system32\drivers
21:24:27.568    Service scanning
21:25:02.529    Modules scanning
21:25:15.290    Disk 0 trace - called modules:
21:25:15.321    ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys 
21:25:15.321    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8556f948]
21:25:15.321    3 CLASSPNP.SYS[8798059e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0x85480030]
21:25:15.337    Scan finished successfully
21:25:40.921    Disk 0 MBR has been saved successfully to "C:\Users\Angela\Desktop\MBR.dat"
21:25:40.936    The log file has been saved successfully to "C:\Users\Angela\Desktop\aswMBR.txt"
         
und der von tdss killer:

Code:
ATTFilter
21:32:09.0045 5180  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:32:11.0104 5180  ============================================================
21:32:11.0104 5180  Current date / time: 2013/05/22 21:32:11.0104
21:32:11.0104 5180  SystemInfo:
21:32:11.0104 5180  
21:32:11.0104 5180  OS Version: 6.1.7601 ServicePack: 1.0
21:32:11.0104 5180  Product type: Workstation
21:32:11.0104 5180  ComputerName: ANGELA-NOTEBOOK
21:32:11.0104 5180  UserName: Angela
21:32:11.0104 5180  Windows directory: C:\Windows
21:32:11.0104 5180  System windows directory: C:\Windows
21:32:11.0104 5180  Processor architecture: Intel x86
21:32:11.0104 5180  Number of processors: 2
21:32:11.0104 5180  Page size: 0x1000
21:32:11.0104 5180  Boot type: Normal boot
21:32:11.0104 5180  ============================================================
21:32:21.0088 5180  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
21:32:21.0977 5180  ============================================================
21:32:21.0977 5180  \Device\Harddisk0\DR0:
21:32:22.0913 5180  MBR partitions:
21:32:22.0913 5180  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:32:22.0913 5180  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31D800
21:32:22.0913 5180  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x10E74800
21:32:22.0913 5180  ============================================================
21:32:23.0803 5180  C: <-> \Device\Harddisk0\DR0\Partition2
21:32:24.0115 5180  E: <-> \Device\Harddisk0\DR0\Partition3
21:32:24.0957 5180  ============================================================
21:32:24.0957 5180  Initialize success
21:32:24.0957 5180  ============================================================
21:35:11.0503 3664  ============================================================
21:35:11.0503 3664  Scan started
21:35:11.0503 3664  Mode: Manual; SigCheck; TDLFS; 
21:35:11.0503 3664  ============================================================
21:35:15.0403 3664  ================ Scan system memory ========================
21:35:15.0403 3664  System memory - ok
21:35:15.0403 3664  ================ Scan services =============================
21:35:15.0575 3664  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:35:16.0089 3664  1394ohci - ok
21:35:16.0152 3664  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:35:16.0167 3664  ACPI - ok
21:35:16.0230 3664  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:35:16.0370 3664  AcpiPmi - ok
21:35:16.0417 3664  [ 45D8E2A2D8B9F33C32A7ADB6900C6E04 ] acsock          C:\Windows\system32\DRIVERS\acsock.sys
21:35:16.0495 3664  acsock - ok
21:35:16.0542 3664  [ 4897455C9EA1D28E4E0980DA497C316D ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
21:35:16.0651 3664  ADIHdAudAddService - ok
21:35:16.0729 3664  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
21:35:16.0776 3664  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
21:35:16.0776 3664  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
21:35:16.0901 3664  [ 41D15EAD554396BF35B7C5246AD47A28 ] Adobe Version Cue CS2 c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
21:35:16.0932 3664  Adobe Version Cue CS2 ( UnsignedFile.Multi.Generic ) - warning
21:35:16.0932 3664  Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic (1)
21:35:17.0025 3664  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:35:17.0057 3664  AdobeARMservice - ok
21:35:17.0135 3664  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:35:17.0181 3664  AdobeFlashPlayerUpdateSvc - ok
21:35:17.0228 3664  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:35:17.0275 3664  adp94xx - ok
21:35:17.0291 3664  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:35:17.0306 3664  adpahci - ok
21:35:17.0322 3664  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:35:17.0337 3664  adpu320 - ok
21:35:17.0369 3664  [ 12D23758621B00B8D3134095EC3325FD ] AEADIFilters    C:\Windows\system32\AEADISRV.EXE
21:35:17.0400 3664  AEADIFilters - ok
21:35:17.0431 3664  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:35:17.0587 3664  AeLookupSvc - ok
21:35:17.0634 3664  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
21:35:17.0759 3664  AFD - ok
21:35:17.0821 3664  [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
21:35:17.0993 3664  AgereSoftModem - ok
21:35:18.0024 3664  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:35:18.0039 3664  agp440 - ok
21:35:18.0086 3664  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
21:35:18.0149 3664  aic78xx - ok
21:35:18.0180 3664  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
21:35:18.0258 3664  ALG - ok
21:35:18.0289 3664  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:35:18.0305 3664  aliide - ok
21:35:18.0336 3664  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:35:18.0351 3664  amdagp - ok
21:35:18.0383 3664  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:35:18.0414 3664  amdide - ok
21:35:18.0461 3664  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:35:18.0554 3664  AmdK8 - ok
21:35:18.0570 3664  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:35:18.0663 3664  AmdPPM - ok
21:35:18.0695 3664  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:35:18.0710 3664  amdsata - ok
21:35:18.0726 3664  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:35:18.0757 3664  amdsbs - ok
21:35:18.0773 3664  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:35:18.0804 3664  amdxata - ok
21:35:18.0851 3664  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
21:35:19.0022 3664  AppID - ok
21:35:19.0038 3664  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:35:19.0100 3664  AppIDSvc - ok
21:35:19.0147 3664  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
21:35:19.0241 3664  Appinfo - ok
21:35:19.0334 3664  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:35:19.0381 3664  Apple Mobile Device - ok
21:35:19.0428 3664  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:35:19.0521 3664  AppMgmt - ok
21:35:19.0568 3664  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:35:19.0584 3664  arc - ok
21:35:19.0599 3664  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:35:19.0631 3664  arcsas - ok
21:35:19.0646 3664  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:35:19.0771 3664  AsyncMac - ok
21:35:19.0802 3664  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
21:35:19.0818 3664  atapi - ok
21:35:19.0865 3664  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:35:19.0943 3664  AudioEndpointBuilder - ok
21:35:19.0958 3664  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:35:20.0021 3664  Audiosrv - ok
21:35:20.0083 3664  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:35:20.0348 3664  AxInstSV - ok
21:35:20.0489 3664  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
21:35:20.0691 3664  b06bdrv - ok
21:35:20.0738 3664  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:35:20.0785 3664  b57nd60x - ok
21:35:20.0894 3664  [ 4AA81E69A0A99035392880DBC953B1A1 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.exe
21:35:20.0941 3664  BBSvc - ok
21:35:20.0988 3664  [ 49CBA45AB82D25A6FFC4ECB3307BC9E7 ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.exe
21:35:21.0050 3664  BBUpdate - ok
21:35:21.0081 3664  [ 82DD21BFA8BBE0A3A3833A1BD8E86158 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
21:35:21.0113 3664  bcm4sbxp - ok
21:35:21.0144 3664  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:35:21.0269 3664  BDESVC - ok
21:35:21.0300 3664  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:35:21.0347 3664  Beep - ok
21:35:21.0409 3664  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
21:35:21.0518 3664  BFE - ok
21:35:21.0674 3664  [ 89BF5550E4FC31E3FE728E68C558BF10 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130515.001\BHDrvx86.sys
21:35:21.0752 3664  BHDrvx86 - ok
21:35:21.0815 3664  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
21:35:21.0908 3664  BITS - ok
21:35:21.0939 3664  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:35:22.0002 3664  blbdrive - ok
21:35:22.0111 3664  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:35:22.0142 3664  Bonjour Service - ok
21:35:22.0173 3664  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:35:22.0251 3664  bowser - ok
21:35:22.0283 3664  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:35:22.0345 3664  BrFiltLo - ok
21:35:22.0361 3664  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:35:22.0423 3664  BrFiltUp - ok
21:35:22.0470 3664  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:35:22.0548 3664  BridgeMP - ok
21:35:22.0579 3664  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
21:35:22.0704 3664  Browser - ok
21:35:22.0719 3664  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:35:22.0766 3664  Brserid - ok
21:35:22.0782 3664  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:35:22.0797 3664  BrSerWdm - ok
21:35:22.0813 3664  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:35:22.0844 3664  BrUsbMdm - ok
21:35:22.0860 3664  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:35:22.0891 3664  BrUsbSer - ok
21:35:22.0953 3664  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc         C:\Program Files\Browny02\BrYNSvc.exe
21:35:22.0985 3664  BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
21:35:22.0985 3664  BrYNSvc - detected UnsignedFile.Multi.Generic (1)
21:35:23.0047 3664  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:35:23.0250 3664  BthEnum - ok
21:35:23.0281 3664  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:35:23.0312 3664  BTHMODEM - ok
21:35:23.0343 3664  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:35:23.0359 3664  BthPan - ok
21:35:23.0406 3664  [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:35:23.0484 3664  BTHPORT - ok
21:35:23.0515 3664  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
21:35:23.0562 3664  bthserv - ok
21:35:23.0577 3664  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:35:23.0609 3664  BTHUSB - ok
21:35:23.0687 3664  catchme - ok
21:35:23.0780 3664  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360      C:\Windows\system32\drivers\N360\1403010.016\ccSetx86.sys
21:35:23.0827 3664  ccSet_N360 - ok
21:35:23.0874 3664  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:35:23.0967 3664  cdfs - ok
21:35:24.0061 3664  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:35:24.0139 3664  cdrom - ok
21:35:24.0279 3664  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:35:24.0357 3664  CertPropSvc - ok
21:35:24.0389 3664  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:35:24.0420 3664  circlass - ok
21:35:24.0451 3664  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
21:35:24.0482 3664  CLFS - ok
21:35:24.0560 3664  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:35:24.0591 3664  clr_optimization_v2.0.50727_32 - ok
21:35:24.0669 3664  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:35:24.0763 3664  clr_optimization_v4.0.30319_32 - ok
21:35:24.0810 3664  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:35:24.0825 3664  CmBatt - ok
21:35:24.0841 3664  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:35:24.0857 3664  cmdide - ok
21:35:24.0903 3664  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:35:24.0950 3664  CNG - ok
21:35:24.0981 3664  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:35:25.0013 3664  Compbatt - ok
21:35:25.0075 3664  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:35:25.0106 3664  CompositeBus - ok
21:35:25.0122 3664  COMSysApp - ok
21:35:25.0153 3664  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:35:25.0169 3664  crcdisk - ok
21:35:25.0215 3664  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:35:25.0325 3664  CryptSvc - ok
21:35:25.0371 3664  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
21:35:25.0449 3664  CSC - ok
21:35:25.0512 3664  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
21:35:25.0683 3664  CscService - ok
21:35:25.0715 3664  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:35:25.0761 3664  DcomLaunch - ok
21:35:25.0793 3664  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:35:25.0839 3664  defragsvc - ok
21:35:25.0886 3664  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:35:25.0917 3664  DfsC - ok
21:35:25.0980 3664  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:35:26.0042 3664  Dhcp - ok
21:35:26.0073 3664  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
21:35:26.0120 3664  discache - ok
21:35:26.0136 3664  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:35:26.0151 3664  Disk - ok
21:35:26.0183 3664  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:35:26.0276 3664  Dnscache - ok
21:35:26.0323 3664  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:35:26.0370 3664  dot3svc - ok
21:35:26.0401 3664  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
21:35:26.0448 3664  DPS - ok
21:35:26.0479 3664  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:35:26.0510 3664  drmkaud - ok
21:35:26.0541 3664  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:35:26.0604 3664  DXGKrnl - ok
21:35:26.0635 3664  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
21:35:26.0682 3664  EapHost - ok
21:35:26.0791 3664  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
21:35:26.0947 3664  ebdrv - ok
21:35:27.0134 3664  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
21:35:27.0197 3664  eeCtrl - ok
21:35:27.0243 3664  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
21:35:27.0337 3664  EFS - ok
21:35:27.0415 3664  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:35:27.0540 3664  ehRecvr - ok
21:35:27.0587 3664  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
21:35:27.0633 3664  ehSched - ok
21:35:27.0680 3664  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:35:27.0711 3664  elxstor - ok
21:35:27.0774 3664  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:35:27.0789 3664  EraserUtilRebootDrv - ok
21:35:27.0821 3664  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:35:27.0867 3664  ErrDev - ok
21:35:27.0930 3664  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
21:35:27.0992 3664  EventSystem - ok
21:35:28.0008 3664  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
21:35:28.0070 3664  exfat - ok
21:35:28.0086 3664  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:35:28.0133 3664  fastfat - ok
21:35:28.0179 3664  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
21:35:28.0289 3664  Fax - ok
21:35:28.0304 3664  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:35:28.0320 3664  fdc - ok
21:35:28.0351 3664  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
21:35:28.0413 3664  fdPHost - ok
21:35:28.0445 3664  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
21:35:28.0491 3664  FDResPub - ok
21:35:28.0523 3664  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:35:28.0554 3664  FileInfo - ok
21:35:28.0554 3664  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:35:28.0601 3664  Filetrace - ok
21:35:28.0616 3664  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:35:28.0647 3664  flpydisk - ok
21:35:28.0679 3664  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:35:28.0694 3664  FltMgr - ok
21:35:28.0757 3664  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
21:35:28.0866 3664  FontCache - ok
21:35:28.0928 3664  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:35:28.0975 3664  FontCache3.0.0.0 - ok
21:35:28.0991 3664  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:35:29.0022 3664  FsDepends - ok
21:35:29.0147 3664  [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:35:29.0209 3664  fssfltr - ok
21:35:29.0256 3664  [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
21:35:29.0318 3664  fsssvc - ok
21:35:29.0349 3664  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:35:29.0381 3664  Fs_Rec - ok
21:35:29.0427 3664  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:35:29.0459 3664  fvevol - ok
21:35:29.0490 3664  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:35:29.0505 3664  gagp30kx - ok
21:35:29.0568 3664  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:35:29.0583 3664  GEARAspiWDM - ok
21:35:29.0615 3664  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:35:29.0677 3664  gpsvc - ok
21:35:29.0802 3664  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1cacd1cfe6f03d8 C:\Program Files\Google\Update\GoogleUpdate.exe
21:35:29.0817 3664  gupdate1cacd1cfe6f03d8 - ok
21:35:29.0849 3664  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:35:29.0864 3664  gupdatem - ok
21:35:29.0911 3664  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:35:29.0942 3664  gusvc - ok
21:35:29.0958 3664  [ 7DAD592A4D28092D584CFB4DEEF1373D ] HBtnKey         C:\Windows\system32\DRIVERS\cpqbttn.sys
21:35:29.0989 3664  HBtnKey - ok
21:35:30.0005 3664  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:35:30.0192 3664  hcw85cir - ok
21:35:30.0270 3664  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:35:30.0332 3664  HdAudAddService - ok
21:35:30.0363 3664  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:35:30.0410 3664  HDAudBus - ok
21:35:30.0426 3664  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:35:30.0441 3664  HidBatt - ok
21:35:30.0473 3664  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:35:30.0504 3664  HidBth - ok
21:35:30.0535 3664  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:35:30.0582 3664  HidIr - ok
21:35:30.0613 3664  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
21:35:30.0644 3664  hidserv - ok
21:35:30.0691 3664  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
21:35:30.0722 3664  HidUsb - ok
21:35:30.0753 3664  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:35:30.0800 3664  hkmsvc - ok
21:35:30.0831 3664  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:35:30.0941 3664  HomeGroupListener - ok
21:35:30.0972 3664  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:35:31.0019 3664  HomeGroupProvider - ok
21:35:31.0081 3664  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:35:31.0097 3664  HpSAMD - ok
21:35:31.0128 3664  [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32        C:\Windows\system32\Drivers\ANDROIDUSB.sys
21:35:31.0190 3664  HTCAND32 - ok
21:35:31.0221 3664  [ 339ADEFAD60353F960E3CA67CE468C24 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
21:35:31.0253 3664  htcnprot - ok
21:35:31.0284 3664  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:35:31.0331 3664  HTTP - ok
21:35:31.0346 3664  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:35:31.0362 3664  hwpolicy - ok
21:35:31.0377 3664  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:35:31.0424 3664  i8042prt - ok
21:35:31.0440 3664  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:35:31.0487 3664  iaStorV - ok
21:35:31.0533 3664  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:35:31.0596 3664  idsvc - ok
21:35:31.0705 3664  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130521.001\IDSvix86.sys
21:35:31.0783 3664  IDSVix86 - ok
21:35:31.0923 3664  [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:35:32.0142 3664  igfx - ok
21:35:32.0189 3664  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:35:32.0204 3664  iirsp - ok
21:35:32.0251 3664  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:35:32.0329 3664  IKEEXT - ok
21:35:32.0360 3664  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:35:32.0391 3664  intelide - ok
21:35:32.0423 3664  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:35:32.0438 3664  intelppm - ok
21:35:32.0469 3664  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:35:32.0532 3664  IPBusEnum - ok
21:35:32.0547 3664  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:35:32.0594 3664  IpFilterDriver - ok
21:35:32.0657 3664  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:35:32.0828 3664  iphlpsvc - ok
21:35:32.0906 3664  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:35:32.0969 3664  IPMIDRV - ok
21:35:32.0984 3664  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:35:33.0031 3664  IPNAT - ok
21:35:33.0078 3664  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:35:33.0109 3664  iPod Service - ok
21:35:33.0140 3664  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:35:33.0218 3664  IRENUM - ok
21:35:33.0218 3664  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:35:33.0249 3664  isapnp - ok
21:35:33.0281 3664  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:35:33.0296 3664  iScsiPrt - ok
21:35:33.0327 3664  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:35:33.0359 3664  kbdclass - ok
21:35:33.0390 3664  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:35:33.0421 3664  kbdhid - ok
21:35:33.0437 3664  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
21:35:33.0452 3664  KeyIso - ok
21:35:33.0499 3664  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:35:33.0546 3664  KSecDD - ok
21:35:33.0561 3664  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:35:33.0577 3664  KSecPkg - ok
21:35:33.0967 3664  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:35:34.0045 3664  KtmRm - ok
21:35:34.0076 3664  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:35:34.0139 3664  LanmanServer - ok
21:35:34.0154 3664  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:35:34.0217 3664  LanmanWorkstation - ok
21:35:34.0248 3664  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:35:34.0295 3664  lltdio - ok
21:35:34.0341 3664  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:35:34.0373 3664  lltdsvc - ok
21:35:34.0388 3664  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:35:34.0435 3664  lmhosts - ok
21:35:34.0466 3664  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:35:34.0482 3664  LSI_FC - ok
21:35:34.0513 3664  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:35:34.0529 3664  LSI_SAS - ok
21:35:34.0529 3664  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:35:34.0560 3664  LSI_SAS2 - ok
21:35:34.0575 3664  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:35:34.0591 3664  LSI_SCSI - ok
21:35:34.0607 3664  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
21:35:34.0653 3664  luafv - ok
21:35:34.0700 3664  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:35:34.0731 3664  Mcx2Svc - ok
21:35:34.0825 3664  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:35:34.0887 3664  MDM ( UnsignedFile.Multi.Generic ) - warning
21:35:34.0887 3664  MDM - detected UnsignedFile.Multi.Generic (1)
21:35:34.0903 3664  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:35:34.0934 3664  megasas - ok
21:35:34.0950 3664  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:35:34.0981 3664  MegaSR - ok
21:35:35.0075 3664  Microsoft SharePoint Workspace Audit Service - ok
21:35:35.0106 3664  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
21:35:35.0199 3664  MMCSS - ok
21:35:35.0215 3664  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
21:35:35.0262 3664  Modem - ok
21:35:35.0293 3664  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:35:35.0324 3664  monitor - ok
21:35:35.0355 3664  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
21:35:35.0418 3664  mouclass - ok
21:35:35.0433 3664  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:35:35.0480 3664  mouhid - ok
21:35:35.0511 3664  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:35:35.0527 3664  mountmgr - ok
21:35:35.0683 3664  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:35:35.0761 3664  MozillaMaintenance - ok
21:35:35.0855 3664  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:35:35.0948 3664  mpio - ok
21:35:35.0995 3664  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:35:36.0120 3664  mpsdrv - ok
21:35:36.0167 3664  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:35:36.0245 3664  MpsSvc - ok
21:35:36.0276 3664  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:35:36.0307 3664  MRxDAV - ok
21:35:36.0338 3664  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:35:36.0447 3664  mrxsmb - ok
21:35:36.0463 3664  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:35:36.0510 3664  mrxsmb10 - ok
21:35:36.0557 3664  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:35:36.0603 3664  mrxsmb20 - ok
21:35:36.0635 3664  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
21:35:36.0666 3664  msahci - ok
21:35:36.0681 3664  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:35:36.0697 3664  msdsm - ok
21:35:36.0713 3664  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
21:35:36.0759 3664  MSDTC - ok
21:35:36.0791 3664  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:35:36.0837 3664  Msfs - ok
21:35:36.0853 3664  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:35:36.0900 3664  mshidkmdf - ok
21:35:36.0931 3664  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:35:36.0947 3664  msisadrv - ok
21:35:36.0978 3664  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:35:37.0009 3664  MSiSCSI - ok
21:35:37.0025 3664  msiserver - ok
21:35:37.0056 3664  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:35:37.0087 3664  MSKSSRV - ok
21:35:37.0103 3664  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:35:37.0149 3664  MSPCLOCK - ok
21:35:37.0165 3664  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:35:37.0212 3664  MSPQM - ok
21:35:37.0227 3664  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:35:37.0243 3664  MsRPC - ok
21:35:37.0259 3664  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:35:37.0290 3664  mssmbios - ok
21:35:37.0305 3664  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:35:37.0337 3664  MSTEE - ok
21:35:37.0352 3664  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:35:37.0383 3664  MTConfig - ok
21:35:37.0399 3664  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:35:37.0430 3664  Mup - ok
21:35:37.0508 3664  [ 241BD3019FB31E812A51B31B06906335 ] N360            C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
21:35:37.0555 3664  N360 - ok
21:35:37.0586 3664  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
21:35:37.0617 3664  napagent - ok
21:35:37.0649 3664  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:35:37.0680 3664  NativeWifiP - ok
21:35:37.0742 3664  [ CE2156DF796D41614AB60E68D107D573 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130522.003\NAVENG.SYS
21:35:37.0773 3664  NAVENG - ok
21:35:37.0820 3664  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130522.003\NAVEX15.SYS
21:35:37.0898 3664  NAVEX15 - ok
21:35:37.0945 3664  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:35:37.0992 3664  NDIS - ok
21:35:38.0023 3664  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:35:38.0085 3664  NdisCap - ok
21:35:38.0117 3664  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:35:38.0210 3664  NdisTapi - ok
21:35:38.0304 3664  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:35:38.0397 3664  Ndisuio - ok
21:35:38.0444 3664  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:35:38.0491 3664  NdisWan - ok
21:35:38.0522 3664  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:35:38.0553 3664  NDProxy - ok
21:35:38.0569 3664  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:35:38.0616 3664  NetBIOS - ok
21:35:38.0663 3664  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:35:38.0725 3664  NetBT - ok
21:35:38.0741 3664  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
21:35:38.0756 3664  Netlogon - ok
21:35:38.0803 3664  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
21:35:38.0865 3664  Netman - ok
21:35:38.0897 3664  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
21:35:38.0928 3664  netprofm - ok
21:35:38.0959 3664  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:35:38.0990 3664  NetTcpPortSharing - ok
21:35:39.0084 3664  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
21:35:39.0255 3664  netw5v32 - ok
21:35:39.0333 3664  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:35:39.0365 3664  nfrd960 - ok
21:35:39.0458 3664  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:35:39.0521 3664  NlaSvc - ok
21:35:39.0552 3664  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:35:39.0614 3664  Npfs - ok
21:35:39.0645 3664  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
21:35:39.0723 3664  nsi - ok
21:35:39.0739 3664  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:35:39.0817 3664  nsiproxy - ok
21:35:39.0989 3664  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:35:40.0145 3664  Ntfs - ok
21:35:40.0191 3664  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
21:35:40.0254 3664  Null - ok
21:35:40.0316 3664  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:35:40.0347 3664  nvraid - ok
21:35:40.0379 3664  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:35:40.0394 3664  nvstor - ok
21:35:40.0425 3664  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:35:40.0441 3664  nv_agp - ok
21:35:40.0488 3664  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:35:40.0519 3664  ohci1394 - ok
21:35:40.0628 3664  [ DA345DE3B450E9E1691E7B9956D8FFC3 ] OMSI download service C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
21:35:40.0675 3664  OMSI download service ( UnsignedFile.Multi.Generic ) - warning
21:35:40.0675 3664  OMSI download service - detected UnsignedFile.Multi.Generic (1)
21:35:40.0722 3664  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:35:40.0753 3664  ose - ok
21:35:41.0268 3664  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:35:41.0455 3664  osppsvc - ok
21:35:41.0580 3664  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:35:41.0720 3664  p2pimsvc - ok
21:35:41.0783 3664  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:35:41.0829 3664  p2psvc - ok
21:35:41.0876 3664  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:35:41.0892 3664  Parport - ok
21:35:41.0923 3664  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:35:41.0939 3664  partmgr - ok
21:35:41.0970 3664  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
21:35:42.0001 3664  Parvdm - ok
21:35:42.0063 3664  [ 5FBCC9EEEFACA3019D5BD5979618F298 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
21:35:42.0095 3664  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
21:35:42.0095 3664  PassThru Service - detected UnsignedFile.Multi.Generic (1)
21:35:42.0126 3664  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:35:42.0188 3664  PcaSvc - ok
21:35:42.0204 3664  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
21:35:42.0219 3664  pci - ok
21:35:42.0235 3664  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
21:35:42.0251 3664  pciide - ok
21:35:42.0282 3664  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:35:42.0297 3664  pcmcia - ok
21:35:42.0313 3664  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
21:35:42.0344 3664  pcw - ok
21:35:42.0360 3664  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:35:42.0422 3664  PEAUTH - ok
21:35:42.0438 3664  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:35:42.0531 3664  PeerDistSvc - ok
21:35:42.0609 3664  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
21:35:42.0719 3664  pla - ok
21:35:42.0765 3664  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:35:42.0828 3664  PlugPlay - ok
21:35:42.0843 3664  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:35:42.0875 3664  PNRPAutoReg - ok
21:35:42.0906 3664  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:35:42.0921 3664  PNRPsvc - ok
21:35:42.0937 3664  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:35:43.0015 3664  PolicyAgent - ok
21:35:43.0077 3664  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
21:35:43.0124 3664  Power - ok
21:35:43.0155 3664  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:35:43.0202 3664  PptpMiniport - ok
21:35:43.0233 3664  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:35:43.0265 3664  Processor - ok
21:35:43.0327 3664  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
21:35:43.0436 3664  ProfSvc - ok
21:35:43.0452 3664  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:35:43.0483 3664  ProtectedStorage - ok
21:35:43.0514 3664  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:35:43.0561 3664  Psched - ok
21:35:43.0623 3664  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:35:43.0717 3664  ql2300 - ok
21:35:43.0733 3664  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:35:43.0764 3664  ql40xx - ok
21:35:43.0779 3664  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
21:35:43.0826 3664  QWAVE - ok
21:35:43.0842 3664  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:35:43.0889 3664  QWAVEdrv - ok
21:35:43.0920 3664  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:35:43.0967 3664  RasAcd - ok
21:35:44.0013 3664  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:35:44.0045 3664  RasAgileVpn - ok
21:35:44.0060 3664  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
21:35:44.0107 3664  RasAuto - ok
21:35:44.0123 3664  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:35:44.0154 3664  Rasl2tp - ok
21:35:44.0201 3664  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
21:35:44.0247 3664  RasMan - ok
21:35:44.0279 3664  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:35:44.0325 3664  RasPppoe - ok
21:35:44.0341 3664  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:35:44.0372 3664  RasSstp - ok
21:35:44.0403 3664  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:35:44.0450 3664  rdbss - ok
21:35:44.0466 3664  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:35:44.0481 3664  rdpbus - ok
21:35:44.0528 3664  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:35:44.0575 3664  RDPCDD - ok
21:35:44.0606 3664  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:35:44.0653 3664  RDPDR - ok
21:35:44.0684 3664  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:35:44.0715 3664  RDPENCDD - ok
21:35:44.0731 3664  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:35:44.0762 3664  RDPREFMP - ok
21:35:44.0825 3664  [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:35:44.0918 3664  RdpVideoMiniport - ok
21:35:44.0965 3664  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:35:45.0027 3664  RDPWD - ok
21:35:45.0090 3664  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:35:45.0105 3664  rdyboost - ok
21:35:45.0121 3664  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:35:45.0168 3664  RemoteAccess - ok
21:35:45.0215 3664  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:35:45.0261 3664  RemoteRegistry - ok
21:35:45.0293 3664  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:35:45.0339 3664  RFCOMM - ok
21:35:45.0355 3664  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:35:45.0402 3664  RpcEptMapper - ok
21:35:45.0449 3664  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
21:35:45.0480 3664  RpcLocator - ok
21:35:45.0495 3664  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
21:35:45.0527 3664  RpcSs - ok
21:35:45.0573 3664  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:35:45.0620 3664  rspndr - ok
21:35:45.0651 3664  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:35:45.0761 3664  s3cap - ok
21:35:45.0792 3664  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
21:35:45.0807 3664  SamSs - ok
21:35:45.0839 3664  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:35:45.0854 3664  sbp2port - ok
21:35:45.0885 3664  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:35:45.0948 3664  SCardSvr - ok
21:35:45.0979 3664  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:35:46.0010 3664  scfilter - ok
21:35:46.0057 3664  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
21:35:46.0135 3664  Schedule - ok
21:35:46.0197 3664  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:35:46.0229 3664  SCPolicySvc - ok
21:35:46.0291 3664  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:35:46.0416 3664  SDRSVC - ok
21:35:46.0463 3664  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:35:46.0525 3664  secdrv - ok
21:35:46.0541 3664  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
21:35:46.0587 3664  seclogon - ok
21:35:46.0619 3664  [ E5B56569A9F79B70314FEDE6C953641E ] seehcri         C:\Windows\system32\DRIVERS\seehcri.sys
21:35:46.0665 3664  seehcri - ok
21:35:46.0697 3664  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
21:35:46.0728 3664  SENS - ok
21:35:46.0759 3664  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:35:46.0837 3664  SensrSvc - ok
21:35:46.0853 3664  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:35:46.0884 3664  Serenum - ok
21:35:46.0915 3664  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:35:46.0931 3664  Serial - ok
21:35:46.0962 3664  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:35:46.0977 3664  sermouse - ok
21:35:47.0024 3664  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:35:47.0071 3664  SessionEnv - ok
21:35:47.0087 3664  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:35:47.0133 3664  sffdisk - ok
21:35:47.0149 3664  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:35:47.0165 3664  sffp_mmc - ok
21:35:47.0180 3664  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:35:47.0196 3664  sffp_sd - ok
21:35:47.0211 3664  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:35:47.0227 3664  sfloppy - ok
21:35:47.0258 3664  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:35:47.0305 3664  SharedAccess - ok
21:35:47.0352 3664  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:35:47.0430 3664  ShellHWDetection - ok
21:35:47.0461 3664  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:35:47.0477 3664  sisagp - ok
21:35:47.0508 3664  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:35:47.0523 3664  SiSRaid2 - ok
21:35:47.0539 3664  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:35:47.0570 3664  SiSRaid4 - ok
21:35:47.0633 3664  [ 3467821FD04A66C9786DF0C8C0219A73 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:35:47.0679 3664  SkypeUpdate - ok
21:35:47.0711 3664  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:35:47.0742 3664  Smb - ok
21:35:47.0789 3664  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:35:47.0804 3664  SNMPTRAP - ok
21:35:47.0820 3664  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:35:47.0835 3664  spldr - ok
21:35:47.0882 3664  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
21:35:48.0007 3664  Spooler - ok
21:35:48.0163 3664  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
21:35:48.0303 3664  sppsvc - ok
21:35:48.0335 3664  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:35:48.0397 3664  sppuinotify - ok
21:35:48.0491 3664  [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP           C:\Windows\System32\Drivers\N360\1403010.016\SRTSP.SYS
21:35:48.0537 3664  SRTSP - ok
21:35:48.0569 3664  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\Windows\system32\drivers\N360\1403010.016\SRTSPX.SYS
21:35:48.0584 3664  SRTSPX - ok
21:35:48.0631 3664  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:35:48.0725 3664  srv - ok
21:35:48.0756 3664  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:35:48.0787 3664  srv2 - ok
21:35:48.0803 3664  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:35:48.0849 3664  srvnet - ok
21:35:48.0896 3664  [ D6870895FE46A464A19141440EB6CC1E ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
21:35:48.0959 3664  sscdbus - ok
21:35:49.0005 3664  [ 0FE167362E4689B716CDC8D93ADEDDA8 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
21:35:49.0068 3664  sscdmdfl - ok
21:35:49.0099 3664  [ 55A15707E32B6709242AD127E62CA55A ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
21:35:49.0161 3664  sscdmdm - ok
21:35:49.0193 3664  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:35:49.0239 3664  SSDPSRV - ok
21:35:49.0255 3664  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:35:49.0286 3664  SstpSvc - ok
21:35:49.0349 3664  [ 306521935042FC0A6988D528643619B3 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
21:35:49.0380 3664  StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:35:49.0380 3664  StarOpen - detected UnsignedFile.Multi.Generic (1)
21:35:49.0411 3664  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:35:49.0427 3664  stexstor - ok
21:35:49.0473 3664  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:35:49.0520 3664  StiSvc - ok
21:35:49.0536 3664  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:35:49.0551 3664  storflt - ok
21:35:49.0567 3664  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
21:35:49.0645 3664  StorSvc - ok
21:35:49.0676 3664  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:35:49.0707 3664  storvsc - ok
21:35:49.0723 3664  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:35:49.0739 3664  swenum - ok
21:35:49.0754 3664  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
21:35:49.0801 3664  swprv - ok
21:35:49.0832 3664  [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS           C:\Windows\system32\drivers\N360\1403010.016\SYMDS.SYS
21:35:49.0879 3664  SymDS - ok
21:35:49.0926 3664  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\Windows\system32\drivers\N360\1403010.016\SYMEFA.SYS
21:35:49.0973 3664  SymEFA - ok
21:35:50.0035 3664  [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
21:35:50.0066 3664  SymEvent - ok
21:35:50.0097 3664  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\Windows\system32\drivers\N360\1403010.016\Ironx86.SYS
21:35:50.0129 3664  SymIRON - ok
21:35:50.0144 3664  [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS         C:\Windows\System32\Drivers\N360\1403010.016\SYMNETS.SYS
21:35:50.0160 3664  SymNetS - ok
21:35:50.0285 3664  Synth3dVsc - ok
21:35:50.0347 3664  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
21:35:50.0425 3664  SysMain - ok
21:35:50.0456 3664  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:35:50.0503 3664  TabletInputService - ok
21:35:50.0534 3664  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:35:50.0581 3664  TapiSrv - ok
21:35:50.0643 3664  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
21:35:50.0690 3664  TBS - ok
21:35:50.0846 3664  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:35:50.0955 3664  Tcpip - ok
21:35:51.0018 3664  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:35:51.0049 3664  TCPIP6 - ok
21:35:51.0096 3664  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:35:51.0127 3664  tcpipreg - ok
21:35:51.0158 3664  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:35:51.0253 3664  TDPIPE - ok
21:35:51.0268 3664  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:35:51.0300 3664  TDTCP - ok
21:35:51.0331 3664  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:35:51.0424 3664  tdx - ok
21:35:51.0456 3664  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:35:51.0487 3664  TermDD - ok
21:35:51.0518 3664  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
21:35:51.0580 3664  TermService - ok
21:35:51.0596 3664  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
21:35:51.0643 3664  Themes - ok
21:35:51.0658 3664  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
21:35:51.0705 3664  THREADORDER - ok
21:35:51.0721 3664  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
21:35:51.0768 3664  TrkWks - ok
21:35:51.0799 3664  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:35:51.0861 3664  TrustedInstaller - ok
21:35:51.0892 3664  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:35:51.0924 3664  tssecsrv - ok
21:35:51.0970 3664  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:35:52.0048 3664  TsUsbFlt - ok
21:35:52.0064 3664  tsusbhub - ok
21:35:52.0111 3664  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:35:52.0142 3664  tunnel - ok
21:35:52.0173 3664  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:35:52.0204 3664  uagp35 - ok
21:35:52.0220 3664  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:35:52.0267 3664  udfs - ok
21:35:52.0298 3664  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:35:52.0329 3664  UI0Detect - ok
21:35:52.0360 3664  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:35:52.0376 3664  uliagpkx - ok
21:35:52.0423 3664  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:35:52.0438 3664  umbus - ok
21:35:52.0454 3664  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:35:52.0485 3664  UmPass - ok
21:35:52.0532 3664  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:35:52.0594 3664  UmRdpService - ok
21:35:52.0626 3664  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
21:35:52.0672 3664  upnphost - ok
21:35:52.0704 3664  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
21:35:52.0766 3664  USBAAPL - ok
21:35:52.0828 3664  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:35:52.0844 3664  usbaudio - ok
21:35:52.0875 3664  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:35:52.0969 3664  usbccgp - ok
21:35:53.0016 3664  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:35:53.0062 3664  usbcir - ok
21:35:53.0078 3664  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:35:53.0094 3664  usbehci - ok
21:35:53.0125 3664  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
21:35:53.0156 3664  usbhub - ok
21:35:53.0218 3664  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:35:53.0250 3664  usbohci - ok
21:35:53.0343 3664  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:35:53.0390 3664  usbprint - ok
21:35:53.0421 3664  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:35:53.0468 3664  usbscan - ok
21:35:53.0484 3664  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:35:53.0562 3664  USBSTOR - ok
21:35:53.0577 3664  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:35:53.0593 3664  usbuhci - ok
21:35:53.0640 3664  [ AF77716205C97E902E6C5B78DECE2CCA ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
21:35:53.0733 3664  usb_rndisx - ok
21:35:53.0764 3664  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
21:35:53.0827 3664  UxSms - ok
21:35:53.0842 3664  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
21:35:53.0858 3664  VaultSvc - ok
21:35:53.0874 3664  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:35:53.0889 3664  vdrvroot - ok
21:35:53.0936 3664  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
21:35:53.0998 3664  vds - ok
21:35:54.0030 3664  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:35:54.0061 3664  vga - ok
21:35:54.0092 3664  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:35:54.0139 3664  VgaSave - ok
21:35:54.0139 3664  VGPU - ok
21:35:54.0186 3664  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:35:54.0201 3664  vhdmp - ok
21:35:54.0232 3664  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:35:54.0248 3664  viaagp - ok
21:35:54.0264 3664  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
21:35:54.0279 3664  ViaC7 - ok
21:35:54.0310 3664  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
21:35:54.0342 3664  viaide - ok
21:35:54.0357 3664  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:35:54.0388 3664  vmbus - ok
21:35:54.0388 3664  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:35:54.0420 3664  VMBusHID - ok
21:35:54.0435 3664  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:35:54.0466 3664  volmgr - ok
21:35:54.0482 3664  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:35:54.0529 3664  volmgrx - ok
21:35:54.0560 3664  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:35:54.0576 3664  volsnap - ok
21:35:54.0638 3664  [ 8CA9793CBEE993660FF7FC2769A4E252 ] vpnagent        C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
21:35:54.0685 3664  vpnagent - ok
21:35:54.0700 3664  [ FDDAFA1C89B0B07494AF5879F7ECE857 ] vpnva           C:\Windows\system32\DRIVERS\vpnva.sys
21:35:54.0732 3664  vpnva - ok
21:35:54.0747 3664  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:35:54.0778 3664  vsmraid - ok
21:35:54.0825 3664  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
21:35:54.0903 3664  VSS - ok
21:35:54.0919 3664  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:35:54.0966 3664  vwifibus - ok
21:35:54.0997 3664  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
21:35:55.0059 3664  W32Time - ok
21:35:55.0075 3664  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:35:55.0106 3664  WacomPen - ok
21:35:55.0137 3664  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:35:55.0184 3664  WANARP - ok
21:35:55.0184 3664  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:35:55.0215 3664  Wanarpv6 - ok
21:35:55.0309 3664  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:35:55.0418 3664  WatAdminSvc - ok
21:35:55.0480 3664  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
21:35:55.0621 3664  wbengine - ok
21:35:55.0652 3664  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:35:55.0699 3664  WbioSrvc - ok
21:35:55.0730 3664  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:35:55.0777 3664  wcncsvc - ok
21:35:55.0792 3664  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:35:55.0870 3664  WcsPlugInService - ok
21:35:55.0933 3664  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:35:55.0948 3664  Wd - ok
21:35:56.0058 3664  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:35:56.0120 3664  Wdf01000 - ok
21:35:56.0136 3664  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:35:56.0260 3664  WdiServiceHost - ok
21:35:56.0260 3664  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:35:56.0292 3664  WdiSystemHost - ok
21:35:56.0323 3664  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
21:35:56.0354 3664  WebClient - ok
21:35:56.0401 3664  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:35:56.0448 3664  Wecsvc - ok
21:35:56.0479 3664  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:35:56.0666 3664  wercplsupport - ok
21:35:56.0760 3664  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:35:56.0822 3664  WerSvc - ok
21:35:56.0853 3664  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:35:56.0884 3664  WfpLwf - ok
21:35:56.0916 3664  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:35:56.0931 3664  WIMMount - ok
21:35:56.0994 3664  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:35:57.0040 3664  WinDefend - ok
21:35:57.0072 3664  WinHttpAutoProxySvc - ok
21:35:57.0118 3664  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:35:57.0212 3664  Winmgmt - ok
21:35:57.0274 3664  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:35:57.0399 3664  WinRM - ok
21:35:57.0446 3664  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:35:57.0477 3664  WinUsb - ok
21:35:57.0524 3664  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:35:57.0586 3664  Wlansvc - ok
21:35:57.0602 3664  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:35:57.0633 3664  WmiAcpi - ok
21:35:57.0680 3664  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:35:57.0711 3664  wmiApSrv - ok
21:35:57.0789 3664  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:35:57.0898 3664  WMPNetworkSvc - ok
21:35:57.0914 3664  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:35:57.0961 3664  WPCSvc - ok
21:35:57.0992 3664  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:35:58.0054 3664  WPDBusEnum - ok
21:35:58.0070 3664  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:35:58.0101 3664  ws2ifsl - ok
21:35:58.0132 3664  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
21:35:58.0164 3664  wscsvc - ok
21:35:58.0195 3664  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
21:35:58.0273 3664  WSDPrintDevice - ok
21:35:58.0288 3664  WSearch - ok
21:35:58.0366 3664  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
21:35:58.0476 3664  wuauserv - ok
21:35:58.0554 3664  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:35:58.0710 3664  WudfPf - ok
21:35:58.0741 3664  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:35:58.0772 3664  WUDFRd - ok
21:35:58.0803 3664  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:35:58.0834 3664  wudfsvc - ok
21:35:58.0866 3664  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:35:58.0959 3664  WwanSvc - ok
21:35:59.0006 3664  ================ Scan global ===============================
21:35:59.0037 3664  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:35:59.0068 3664  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
21:35:59.0100 3664  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
21:35:59.0115 3664  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:35:59.0146 3664  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:35:59.0146 3664  [Global] - ok
21:35:59.0146 3664  ================ Scan MBR ==================================
21:35:59.0162 3664  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:35:59.0631 3664  \Device\Harddisk0\DR0 - ok
21:35:59.0631 3664  ================ Scan VBR ==================================
21:35:59.0647 3664  [ 58E676624C9DDB478A6180CED6898809 ] \Device\Harddisk0\DR0\Partition1
21:35:59.0647 3664  \Device\Harddisk0\DR0\Partition1 - ok
21:35:59.0678 3664  [ 0CCD1ECA65B594D84F962A4961A847B7 ] \Device\Harddisk0\DR0\Partition2
21:35:59.0693 3664  \Device\Harddisk0\DR0\Partition2 - ok
21:35:59.0709 3664  [ 1E7889D39A217B27AF746D281EDE8D8E ] \Device\Harddisk0\DR0\Partition3
21:35:59.0709 3664  \Device\Harddisk0\DR0\Partition3 - ok
21:35:59.0709 3664  ============================================================
21:35:59.0709 3664  Scan finished
21:35:59.0709 3664  ============================================================
21:35:59.0740 5824  Detected object count: 7
21:35:59.0740 5824  Actual detected object count: 7
21:36:15.0761 5824  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0761 5824  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:15.0761 5824  Adobe Version Cue CS2 ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0761 5824  Adobe Version Cue CS2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:15.0761 5824  BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0761 5824  BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:15.0761 5824  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0761 5824  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:15.0761 5824  OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0761 5824  OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:15.0777 5824  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0777 5824  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:15.0777 5824  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:15.0777 5824  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:36:22.0391 4784  Deinitialize success
         
Grüße

Alt 22.05.2013, 20:51   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.05.2013, 22:02   #21
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Hallo,

der JRT Scan war:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Enterprise x86
Ran by Angela on 24.05.2013 at 22:13:27,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} 



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} 
Successfully deleted: [Registry Key] "hkey_current_user\software\apn" 
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\asktoolbarinfo" 
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0cfe535c35f99574e8340bfa75bf92c2" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\0e12f736682067fde4d1158d5940a82e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\120dfadeb50841f408f04d2a278f9509" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\1a24b5bb8521b03e0c8d908f5abc0ae6" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\261f213d1f55267499b1f87d0cc3bcf7" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\2b0d56c4f4c46d844a57ffed6f0d2852" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\49d4375fe41653242aea4c969e4e65e0" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6aa0923513360135b272e8289c5f13fa" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\6f7467af8f29c134cbbab394eccfde96" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\741b4adf27276464790022c965ab6da8" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\7de196b10195f5647a2b21b761f3de01" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\922525dcc5199162f8935747ca3d8e59" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\9d4f5849367142e4685ed8c25e44c5ed" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a5875b04372c19545beb90d4d606c472" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\a876d9e80b896ec44a8620248cc79296" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\b66ffab725b92594c986de826a867888" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\bcda179d619b91648538e3394cac94cc" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\d677b1a9671d4d4004f6f2a4469e86ea" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\dd1402a9dd4215a43abde169a41afa0e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\e36e114a0ead2ad46b381d23ad69cddf" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\ef8e618db3aedfbb384561b5c548f65e" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef" 



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Angela\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Angela\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ask" 
Successfully deleted: [Folder] "C:\Users\Angela\appdata\locallow\asktoolbar" 
Successfully deleted: [Folder] "C:\Program Files\ask.com" 
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}" 



~~~ FireFox

Successfully deleted: [File] C:\Users\Angela\AppData\Roaming\mozilla\firefox\profiles\m4hcwook.default\user.js
Successfully deleted: [File] C:\Users\Angela\AppData\Roaming\mozilla\firefox\profiles\m4hcwook.default\searchplugins\askcom.xml
Successfully deleted: [Folder] C:\Users\Angela\AppData\Roaming\mozilla\firefox\profiles\m4hcwook.default\extensions\software@loadtubes.com
Successfully deleted: [Folder] C:\Users\Angela\AppData\Roaming\mozilla\firefox\profiles\m4hcwook.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\Angela\AppData\Roaming\mozilla\firefox\profiles\m4hcwook.default\prefs.js

user_pref("CT2856415..clientLogIsEnabled", false);
user_pref("CT2856415..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2856415..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2856415.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2856415.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2856415.BrowserCompStateIsOpen_129502651137682069", true);
user_pref("CT2856415.BrowserCompStateIsOpen_129560745131733767", true);
user_pref("CT2856415.BrowserCompStateIsOpen_129683315081957463", true);
user_pref("CT2856415.BrowserCompStateIsOpen_130104337782566575", true);
user_pref("CT2856415.BrowserCompStateIsOpen_1365942036000", true);
user_pref("CT2856415.CTID", "CT2856415");
user_pref("CT2856415.CurrentServerDate", "24-5-2013");
user_pref("CT2856415.DialogsAlignMode", "LTR");
user_pref("CT2856415.DialogsGetterLastCheckTime", "Fri May 24 2013 20:55:35 GMT+0200");
user_pref("CT2856415.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"BannerCulture\":\"\",\"DownloadTime\":\"12/26/2010 3:09:01 PM\",\"SourceId\":0,
user_pref("CT2856415.FirstServerDate", "26-12-2010");
user_pref("CT2856415.FirstTime", true);
user_pref("CT2856415.FirstTimeFF3", true);
user_pref("CT2856415.FixPageNotFoundErrors", true);
user_pref("CT2856415.GroupingServerCheckInterval", 1440);
user_pref("CT2856415.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2856415.HasUserGlobalKeys", true);
user_pref("CT2856415.Initialize", true);
user_pref("CT2856415.InitializeCommonPrefs", true);
user_pref("CT2856415.InstallationAndCookieDataSentCount", 3);
user_pref("CT2856415.InstalledDate", "Sun Dec 26 2010 13:09:39 GMT+0100");
user_pref("CT2856415.IsGrouping", false);
user_pref("CT2856415.IsMulticommunity", false);
user_pref("CT2856415.IsOpenThankYouPage", true);
user_pref("CT2856415.IsOpenUninstallPage", true);
user_pref("CT2856415.LanguagePackLastCheckTime", "Fri May 24 2013 20:55:35 GMT+0200");
user_pref("CT2856415.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2856415.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2856415.LastLogin_3.12.0.7", "Thu May 03 2012 18:12:05 GMT+0200");
user_pref("CT2856415.LastLogin_3.12.2.3", "Thu May 31 2012 08:15:24 GMT+0200");
user_pref("CT2856415.LastLogin_3.13.0.6", "Sun Jul 15 2012 14:57:55 GMT+0200");
user_pref("CT2856415.LastLogin_3.14.1.0", "Wed Aug 22 2012 09:12:44 GMT+0200");
user_pref("CT2856415.LastLogin_3.15.1.0", "Sun Nov 11 2012 13:41:50 GMT+0100");
user_pref("CT2856415.LastLogin_3.16.0.3", "Wed Feb 13 2013 16:07:33 GMT+0100");
user_pref("CT2856415.LastLogin_3.18.0.7", "Fri May 24 2013 20:55:35 GMT+0200");
user_pref("CT2856415.LastLogin_3.2.5.2", "Thu Dec 30 2010 15:50:56 GMT+0100");
user_pref("CT2856415.LatestVersion", "3.18.0.7");
user_pref("CT2856415.Locale", "en");
user_pref("CT2856415.MAX_NUMBER_OF_ALERTS_129560745131733767", "11_1369167655877");
user_pref("CT2856415.MCDetectTooltipHeight", "83");
user_pref("CT2856415.MCDetectTooltipShow", false);
user_pref("CT2856415.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2856415.MCDetectTooltipWidth", "295");
user_pref("CT2856415.MyStuffEnabledAtInstallation", true);
user_pref("CT2856415.SHRINK_TOOLBAR", 1);
user_pref("CT2856415.SavedHomepage", "hxxp://de.ask.com?o=16784&l=dis&gct=hp");
user_pref("CT2856415.SearchBoxWidth", 153);
user_pref("CT2856415.SearchFromAddressBarIsInit", true);
user_pref("CT2856415.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&q=");
user_pref("CT2856415.SearchInNewTabEnabled", true);
user_pref("CT2856415.SearchInNewTabIntervalMM", 1440);
user_pref("CT2856415.SearchInNewTabLastCheckTime", "Fri May 24 2013 20:55:29 GMT+0200");
user_pref("CT2856415.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2856415.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2856415.SearchInNewTabUserEnabled", false);
user_pref("CT2856415.ServiceMapLastCheckTime", "Fri May 24 2013 14:02:24 GMT+0200");
user_pref("CT2856415.SettingsLastCheckTime", "Fri May 24 2013 20:55:28 GMT+0200");
user_pref("CT2856415.SettingsLastUpdate", "1369383118");
user_pref("CT2856415.ThirdPartyComponentsInterval", 504);
user_pref("CT2856415.ThirdPartyComponentsLastCheck", "Sun Dec 26 2010 13:09:36 GMT+0100");
user_pref("CT2856415.ThirdPartyComponentsLastUpdate", "1246790578");
user_pref("CT2856415.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2856415");
user_pref("CT2856415.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2856415.UserID", "UN14638814830852187");
user_pref("CT2856415.ValidationData_Search", 0);
user_pref("CT2856415.ValidationData_Toolbar", 2);
user_pref("CT2856415.alertChannelId", "1248439");
user_pref("CT2856415.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B474953462D584D503D263F2D2E3135443B464E4F5B565E695B426D6265523B544243464959505B
user_pref("CT2856415.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B
user_pref("CT2856415.backendstorage./9b+7e-x305", "247E29327641363937333545397E3F493B2F77317E202520362D3842474A58515A5C585D505F593964595C49324B393A3F395047525C4173686B6965677B
user_pref("CT2856415.backendstorage./9b+7e.:2z527", "2423");
user_pref("CT2856415.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D6850
user_pref("CT2856415.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A66
user_pref("CT2856415.backendstorage./9b+7e06cg5el8:", "6E6D6B69716F756E736F");
user_pref("CT2856415.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473716F77757B747975242F4B49474F42357D5D5C3D");
user_pref("CT2856415.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D
user_pref("CT2856415.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A49
user_pref("CT2856415.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D
user_pref("CT2856415.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A
user_pref("CT2856415.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B
user_pref("CT2856415.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B
user_pref("CT2856415.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D
user_pref("CT2856415.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347513F445559424C5A315C5154412A4333323037483F4A5E68565B5970606E6C666164734C776C6F
user_pref("CT2856415.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B
user_pref("CT2856415.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A43
user_pref("CT2856415.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68
user_pref("CT2856415.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A72
user_pref("CT2856415.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37504C4757514B4F47345F5457442D4637343A3A4B424D665E705B646571634A756A6D5A43
user_pref("CT2856415.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D
user_pref("CT2856415.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A51
user_pref("CT2856415.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F67757868
user_pref("CT2856415.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C44
user_pref("CT2856415.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4B524B4445494B49485450585952535F513863585B48314A3C3B363D4F46516F6B6E6D63776D687666
user_pref("CT2856415.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
user_pref("CT2856415.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352C37565949484E4F51525C4E4C55535B54605A5A3E695E614E37503B3D41544B567575656D73
user_pref("CT2856415.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E3128335351565551575A4F584C5E335E5356432C4534383649404B6B59566C686B46716669563F58474B48
user_pref("CT2856415.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C484A2C574C2F48533E27403233433A45665B68505C5E406B6E4F38514343544B56776C79616D
user_pref("CT2856415.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C32293423524C5457474A4E50565D4A61515F5D575255643D685D604D364F3D3E3E3D544B5645486A736D
user_pref("CT2856415.backendstorage./9b-0?3g>d", "3B3A69693D7341417A4577797420787A497C25507A4E222A7E5457592B275A2A285D2A31");
user_pref("CT2856415.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2856415.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2856415.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
user_pref("CT2856415.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
user_pref("CT2856415.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477A213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2856415.backendstorage./9b5ba==9cjag", "6D6B6B3D6A4375767A437274747A4A764C4B507A22");
user_pref("CT2856415.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B69716F756E7373787276");
user_pref("CT2856415.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2856415.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
user_pref("CT2856415.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2856415.backendstorage./9b<:222h64<l8daj", "6D70706F7674707975772A787B727B7E757D7B");
user_pref("CT2856415.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2856415.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2856415.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2856415.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
user_pref("CT2856415.backendstorage.cbcountry_001", "4445");
user_pref("CT2856415.backendstorage.cbfirsttime", "53756E2044656320303920323031322031303A32313A353320474D542B30313030");
user_pref("CT2856415.backendstorage.cbopenmamsettings", "30");
user_pref("CT2856415.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E647569746170
user_pref("CT2856415.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
user_pref("CT2856415.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
user_pref("CT2856415.backendstorage.mam_gk_appstate_easytobook", "6F6E");
user_pref("CT2856415.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
user_pref("CT2856415.backendstorage.mam_gk_appstate_pricegong", "6F6E");
user_pref("CT2856415.backendstorage.mam_gk_appstate_windowshopper", "6F6E");
user_pref("CT2856415.backendstorage.mam_gk_appstatereporttime", "31333639323530383433303637");
user_pref("CT2856415.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A225072696365476F6E67222C22637269746572696173223A5B7B226372697465726
user_pref("CT2856415.backendstorage.mam_gk_currentversion", "312E362E302E31");
user_pref("CT2856415.backendstorage.mam_gk_first_time", "31");
user_pref("CT2856415.backendstorage.mam_gk_lastlogintime", "31333639323530383430333035");
user_pref("CT2856415.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E742D52696368746C696E6965227D2C2267616467
user_pref("CT2856415.backendstorage.mam_gk_settings1.6.0.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2236315
user_pref("CT2856415.backendstorage.mam_gk_showclosebutton", "74727565");
user_pref("CT2856415.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
user_pref("CT2856415.backendstorage.mam_gk_userid", "61656536646333662D396365332D346237662D393832352D626337653230346163303834");
user_pref("CT2856415.backendstorage.pg_enable", "74727565");
user_pref("CT2856415.backendstorage.sf_just_installed", "46414C5345");
user_pref("CT2856415.backendstorage.sf_status", "454E41424C4544");
user_pref("CT2856415.backendstorage.sf_user_id", "6369645F3231353230313332323230343032343938373130");
user_pref("CT2856415.backendstorage.url_history0001", "687474703A2F2F7777772E74726F6A616E65722D626F6172642E64652F3130313536342D6173776D62722D6578652D746F6F6C2D656E746665726E65
user_pref("CT2856415.components.1000080", false);
user_pref("CT2856415.components.129355801163506562", false);
user_pref("CT2856415.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2856415.homepageProtectorEnableByLogin", true);
user_pref("CT2856415.initDone", true);
user_pref("CT2856415.myStuffEnabled", true);
user_pref("CT2856415.myStuffPublihserMinWidth", 400);
user_pref("CT2856415.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2856415.myStuffServiceIntervalMM", 1440);
user_pref("CT2856415.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2856415.revertSettingsEnabled", true);
user_pref("CT2856415.searchProtectorDialogDelayInSec", 10);
user_pref("CT2856415.searchProtectorEnableByLogin", true);
user_pref("CT2856415.testingCtid", "");
user_pref("CT2856415.toolbarAppMetaDataLastCheckTime", "Fri May 24 2013 20:55:35 GMT+0200");
user_pref("CT2856415.toolbarContextMenuLastCheckTime", "Sun Dec 26 2010 13:09:39 GMT+0100");
user_pref("CT2856415.usagesFlag", 2);
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2856415/CT2856415", "\"f6de72fc2614b48276e26891813b45003\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1248439/1244112/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2856415", "\"1365960178\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "MUj9hNyEiPxkVQ8Q8IYZ6A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "ZF/VZo7UyQBp8ghNNzhnSQ==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "+RsYuZ9IN1smka6Zuggr5w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "t6SQZ7j9WsBHhE8zC0kAEQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"01ffa8b1cc6cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2856415", "\"dbe4460d95840339477519b3f77dc11a\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634289840782570000\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634285417620000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2010 3:22:42 PM", "634293235860000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2010 4:33:06 PM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2856415/CT2856415", "\"1291812328\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4f32490f242482dcb7d768353a8dc7d4\"");
user_pref("CommunityToolbar.EngineHiddenByUser", true);
user_pref("CommunityToolbar.EngineOwner", "");
user_pref("CommunityToolbar.EngineOwnerGuid", "{22e03916-85c5-44b0-8dc9-1830c11238d9}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "elf_1");
user_pref("CommunityToolbar.IsEngineShown", false);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2856415");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{22e03916-85c5-44b0-8dc9-1830c11238d9}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "elf_1");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=FJS&o=16784&locale=de_DE&apn_uid=3FE1B21C-C91F-475B-B8FA-CE7C
user_pref("CommunityToolbar.ToolbarsList", "CT2856415");
user_pref("CommunityToolbar.ToolbarsList2", "CT2856415");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Mar 18 2011 10:34:50 GMT+0100");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Jun 25 2011 13:19:28 GMT+0200");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 12:59:31 GMT+0200");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "3fedd3e5-fb9b-48eb-9c6e-5d5b2b77089a");
user_pref("CommunityToolbar.globalUserId", "33ee7896-84dd-415f-818e-641eca511eac");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2856415");
user_pref("CommunityToolbar.killedEngine", true);
user_pref("CommunityToolbar.undefined", "");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.defaultthis.engineName", "Elf 1 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "Ask.com");
user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
user_pref("extensions.asktb.abar-war-timeout", "4000");
user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
user_pref("extensions.asktb.cbid", "3S");
user_pref("extensions.asktb.config-updated", false);
user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&gct=bar");
user_pref("extensions.asktb.displaybehavior", "");
user_pref("extensions.asktb.displaytext", "");
user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
user_pref("extensions.asktb.first-launch-url", "hxxp://www.zalando.de/nike-velocity-woven-cuffed-trainingsanzug-black-blue-n1243b02k-801.html");
user_pref("extensions.asktb.fresh-install", false);
user_pref("extensions.asktb.guid", "3FE1B21C-C91F-475B-B8FA-CE7C4CC38513");
user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxp
user_pref("extensions.asktb.if", "su");
user_pref("extensions.asktb.l", "dis");
user_pref("extensions.asktb.last-config-req", "1327832991213");
user_pref("extensions.asktb.last-search-timestamp", "1326301381512");
user_pref("extensions.asktb.last-v", "3.14.0.100009");
user_pref("extensions.asktb.locale", "de_DE");
user_pref("extensions.asktb.lstation", "");
user_pref("extensions.asktb.o", "16784");
user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
user_pref("extensions.asktb.pstate", "");
user_pref("extensions.asktb.qsrc", "2871");
user_pref("extensions.asktb.r", "2");
user_pref("extensions.asktb.sa", "YES");
user_pref("extensions.asktb.saguid", "C994ACBD-37D0-4ECB-97AD-4DB837212223");
user_pref("extensions.asktb.search-history-queries", "lmu lsf");
user_pref("extensions.asktb.search-suggestions-enabled", true);
user_pref("extensions.asktb.silent-upgrade", true);
user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
user_pref("extensions.asktb.socialmini-first", true);
user_pref("extensions.asktb.socialmini-interval", "1200000");
user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
user_pref("extensions.asktb.socialmini-max-items", "30");
user_pref("extensions.asktb.socialmini-native-on", true);
user_pref("extensions.asktb.socialmini-speed", "5000");
user_pref("extensions.asktb.socialmini-transition-first-open", false);
user_pref("extensions.asktb.themeid", "");
user_pref("extensions.asktb.v", "3.14.1.100009");
user_pref("extensions.asktb.volume", "");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&q=");
Emptied folder: C:\Users\Angela\AppData\Roaming\mozilla\firefox\profiles\m4hcwook.default\minidumps [45 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.05.2013 at 22:17:09,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Der ADW:

Code:
ATTFilter
# AdwCleaner v2.301 - Datei am 24/05/2013 um 22:22:27 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (32 bits)
# Benutzer : Angela - ANGELA-NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Angela\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\m4hcwook.default\Conduit
Ordner Gelöscht : C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\m4hcwook.default\CT2856415
Ordner Gelöscht : C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\m4hcwook.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16576

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.hiergehtslos.de --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Angela\AppData\Roaming\Mozilla\Firefox\Profiles\m4hcwook.default\prefs.js

Gelöscht : user_pref("CT2856415..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2856415..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2856415..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2856415.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2856415.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2856415.BrowserCompStateIsOpen_129502651137682069", true);
Gelöscht : user_pref("CT2856415.BrowserCompStateIsOpen_129560745131733767", true);
Gelöscht : user_pref("CT2856415.BrowserCompStateIsOpen_130104337782566575", true);
Gelöscht : user_pref("CT2856415.CT2856415", "CT2856415");
Gelöscht : user_pref("CT2856415.CurrentServerDate", "24-5-2013");
Gelöscht : user_pref("CT2856415.DSInstall", false);
Gelöscht : user_pref("CT2856415.DialogsGetterLastCheckTime", "Fri May 24 2013 22:18:59 GMT+0200");
Gelöscht : user_pref("CT2856415.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gelöscht : user_pref("CT2856415.FirstServerDate", "24-5-2013");
Gelöscht : user_pref("CT2856415.FirstTime", true);
Gelöscht : user_pref("CT2856415.FirstTimeFF3", true);
Gelöscht : user_pref("CT2856415.FirstTimeHiddenVer", true);
Gelöscht : user_pref("CT2856415.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2856415.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2856415.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2856415.HPInstall", false);
Gelöscht : user_pref("CT2856415.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2856415.Initialize", true);
Gelöscht : user_pref("CT2856415.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2856415.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2856415.InstallationType", "DirectDownload");
Gelöscht : user_pref("CT2856415.InstalledDate", "Fri May 24 2013 22:19:09 GMT+0200");
Gelöscht : user_pref("CT2856415.IsInitSetupIni", true);
Gelöscht : user_pref("CT2856415.IsMulticommunity", false);
Gelöscht : user_pref("CT2856415.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2856415.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2856415.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2856415.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2856415.LastLogin_3.18.0.7", "Fri May 24 2013 22:19:21 GMT+0200");
Gelöscht : user_pref("CT2856415.LatestVersion", "3.18.0.7");
Gelöscht : user_pref("CT2856415.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2856415.OriginalFirstVersion", "3.18.0.7");
Gelöscht : user_pref("CT2856415.SearchCaption", "Elf 1 Customized Web Search");
Gelöscht : user_pref("CT2856415.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2856415.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Gelöscht : user_pref("CT2856415.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2856415.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2856415.SearchInNewTabLastCheckTime", "Fri May 24 2013 22:19:22 GMT+0200");
Gelöscht : user_pref("CT2856415.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2856415.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT2856415.SendProtectorDataViaLogin", true);
Gelöscht : user_pref("CT2856415.ServiceMapLastCheckTime", "Fri May 24 2013 22:18:59 GMT+0200");
Gelöscht : user_pref("CT2856415.SettingsLastCheckTime", "Fri May 24 2013 22:18:54 GMT+0200");
Gelöscht : user_pref("CT2856415.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2856415&SearchSource=13");
Gelöscht : user_pref("CT2856415.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2856415.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2856415");
Gelöscht : user_pref("CT2856415.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2856415.UserID", "UN45320663845210707");
Gelöscht : user_pref("CT2856415.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2856415.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2856415.initDone", true);
Gelöscht : user_pref("CT2856415.myStuffEnabled", true);
Gelöscht : user_pref("CT2856415.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2856415.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2856415.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2856415.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2856415.navigateToUrlOnSearch", false);
Gelöscht : user_pref("CT2856415.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2856415.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2856415.testingCtid", "");
Gelöscht : user_pref("CT2856415.toolbarAppMetaDataLastCheckTime", "Fri May 24 2013 22:18:59 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2856415/CT2856415[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1248439/1244112/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2856415", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2856415",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2856415/CT2856415[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4f3[...]
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2856415");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2856415");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2856415");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "3e7c36b2-420f-4150-9fc1-9fea58a72429");
Gelöscht : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.spiegel.de/");
Gelöscht : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]

Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\e8cnju95.default\prefs.js

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=FJS&o=16784&locale=d[...]

-\\ Google Chrome v27.0.1453.94

Datei : C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [12003 octets] - [24/05/2013 22:22:27]

########## EOF - C:\AdwCleaner[S1].txt - [12064 octets] ##########
         
und OTL:

Code:
ATTFilter
OTL logfile created on: 24.05.2013 22:36:02 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Angela\Desktop
 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1015,43 Mb Total Physical Memory | 160,54 Mb Available Physical Memory | 15,81% Memory free
1,99 Gb Paging File | 0,77 Gb Available in Paging File | 38,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 28,33 Gb Free Space | 29,03% Space Free | Partition Type: NTFS
Drive E: | 135,23 Gb Total Space | 90,47 Gb Free Space | 66,91% Space Free | Partition Type: NTFS
 
Computer Name: ANGELA-NOTEBOOK | User Name: Angela | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Angela\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Microsoft\BingBar\7.2.233.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Users\Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Norton 360\Engine\20.3.1.22\ccsvchst.exe (Symantec Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Programme\Brownie\BrStsWnd.exe (brother)
PRC - C:\Programme\Brownie\BRNIPMON.exe (Brother Industries, Ltd.)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
PRC - c:\Programme\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe ()
PRC - C:\Programme\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
PRC - c:\Programme\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Norton 360\Engine\20.3.1.22\wincfi39.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\7.2.233.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\7.2.233.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)
SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (MDM) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
SRV - (Adobe Version Cue CS2) -- c:\Programme\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (catchme) -- C:\Users\Angela\AppData\Local\Temp\catchme.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130524.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130524.003\NAVENG.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130523.001\IDSvix86.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130515.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SymNetS) -- C:\Windows\System32\drivers\N360\1403010.016\symnets.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys (Symantec Corporation)
DRV - (ccSet_N360) -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys (Symantec Corporation)
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (acsock) -- C:\Windows\System32\drivers\acsock.sys (Cisco Systems, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 20 DB 96 8D 88 CA 01  [binary data]
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\..\SearchScopes\{8ADB80D7-F543-439D-A6B1-B43A4505C4BD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/"
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.12.10
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {22e03916-85c5-44b0-8dc9-1830c11238d9}:3.3.3.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2010.12.11 17:30:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.31 21:03:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFFPlgn\ [2013.05.10 08:59:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn\ [2013.05.24 22:28:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.19 15:29:00 | 000,000,000 | ---D | M]
 
[2010.01.04 11:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Angela\AppData\Roaming\mozilla\Extensions
[2013.05.24 22:22:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Angela\AppData\Roaming\mozilla\Firefox\Profiles\m4hcwook.default\extensions
[2012.12.26 21:06:09 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Angela\AppData\Roaming\mozilla\Firefox\Profiles\m4hcwook.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2013.05.22 11:04:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.22 11:04:59 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Bio3D (Enabled) = C:\Program Files\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll
CHR - plugin: ChemDraw (Enabled) = C:\Program Files\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2013.05.15 22:17:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Programme\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Programme\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Version Cue CS2] c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - Startup: C:\Users\Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3409297040-1576433338-3134443658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1111/Navigram.cab (Navigram Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{125A7B6C-2123-4E4E-A776-EEA3D34D91FA}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF7F7128-7632-44B7-89A8-DF1FB8AFFDC2}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.24 22:13:03 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.24 22:12:11 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.24 22:09:44 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Angela\Desktop\JRT.exe
[2013.05.19 15:28:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.05.16 22:24:59 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.16 22:24:58 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.16 22:24:58 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.16 22:24:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.16 22:24:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.16 22:24:56 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.16 22:24:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.16 22:24:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.16 22:24:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.16 22:24:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.15 23:05:43 | 017,613,192 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.05.15 22:26:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.15 22:25:43 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\temp
[2013.05.15 21:44:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.15 21:44:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.15 21:44:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.15 21:42:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.15 21:40:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.15 21:38:49 | 005,066,276 | R--- | C] (Swearware) -- C:\Users\Angela\Desktop\ComboFix.exe
[2013.05.15 08:18:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 08:18:29 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 08:18:11 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 08:17:57 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.15 08:17:56 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.13 21:15:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
[2013.05.10 21:15:09 | 000,000,000 | ---D | C] -- C:\Users\Angela\Documents\Updater
[2013.05.10 21:04:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2013.05.10 19:06:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2013.05.10 19:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared
[2013.05.10 19:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013.05.10 18:57:44 | 000,000,000 | ---D | C] -- C:\Creative Suite CS2
[2013.05.10 14:19:33 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Local\CrashDumps
[2013.05.10 09:37:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.05.10 09:37:00 | 000,000,000 | ---D | C] -- C:\Users\Angela\AppData\Roaming\DVDVideoSoft
[2013.05.10 09:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.05.10 09:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.05.10 09:08:56 | 000,934,488 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys
[2013.05.10 09:08:56 | 000,338,592 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symnets.sys
[2013.05.10 09:08:56 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symelam.sys
[2013.05.10 09:08:55 | 000,602,712 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys
[2013.05.10 09:08:55 | 000,367,704 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys
[2013.05.10 09:08:55 | 000,175,264 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys
[2013.05.10 09:08:55 | 000,134,304 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys
[2013.05.10 09:08:55 | 000,032,344 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys
[2013.05.10 09:08:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\1403010.016
[2013.05.10 08:56:49 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2013.05.10 08:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.05.10 08:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013.05.10 08:54:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2013.05.10 08:54:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013.05.10 08:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2013.05.09 08:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013.05.09 08:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013.05.09 08:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2013.05.05 15:50:05 | 000,000,000 | ---D | C] -- C:\Windows\HerculesWebcamUpdater
[2013.05.05 15:50:03 | 000,374,056 | ---- | C] (Guillemot Corporation S.A.) -- C:\Windows\System32\HWLMSET2.exe
[2013.05.05 15:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hercules
[2013.04.26 10:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.04.26 10:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.24 22:33:15 | 000,015,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 22:33:15 | 000,015,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.24 22:26:07 | 000,000,678 | ---- | M] () -- C:\Windows\Brownie.ini
[2013.05.24 22:26:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.24 22:25:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.24 22:25:40 | 798,564,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.24 22:20:56 | 000,632,031 | ---- | M] () -- C:\Users\Angela\Desktop\adwcleaner.exe
[2013.05.24 22:13:29 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.24 22:10:43 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Angela\Desktop\JRT.exe
[2013.05.24 22:05:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.22 11:05:23 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.19 21:00:58 | 000,672,522 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.19 21:00:58 | 000,623,428 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.19 21:00:58 | 000,135,806 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.19 21:00:58 | 000,111,556 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.17 08:06:16 | 000,414,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.17 08:04:43 | 001,931,797 | ---- | M] () -- C:\Windows\System32\drivers\N360\1403010.016\Cat.DB
[2013.05.15 23:05:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.15 23:05:50 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.15 23:05:43 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.05.15 22:17:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.15 21:39:11 | 005,066,276 | R--- | M] (Swearware) -- C:\Users\Angela\Desktop\ComboFix.exe
[2013.05.13 21:15:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Angela\Desktop\OTL.exe
[2013.05.10 19:06:36 | 000,001,249 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013.05.10 09:25:48 | 000,002,304 | ---- | M] () -- C:\{C44647FC-F019-4957-BD7A-84B1B48CE4D0}
[2013.05.10 08:56:48 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2013.05.10 08:56:48 | 000,007,446 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2013.05.10 08:56:48 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.24 22:20:42 | 000,632,031 | ---- | C] () -- C:\Users\Angela\Desktop\adwcleaner.exe
[2013.05.15 21:44:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.15 21:44:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.15 21:44:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.15 21:44:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.15 21:44:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.10 21:07:20 | 000,002,550 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS2.lnk
[2013.05.10 21:04:42 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2013.05.10 20:31:01 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
[2013.05.10 19:15:35 | 000,002,015 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
[2013.05.10 19:15:35 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
[2013.05.10 19:09:26 | 000,001,983 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
[2013.05.10 19:06:35 | 000,001,249 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013.05.10 19:04:54 | 000,001,965 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
[2013.05.10 09:25:47 | 000,002,304 | ---- | C] () -- C:\{C44647FC-F019-4957-BD7A-84B1B48CE4D0}
[2013.05.10 09:14:17 | 001,931,797 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\Cat.DB
[2013.05.10 09:11:34 | 000,014,818 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\VT20130115.021
[2013.05.10 09:08:56 | 000,009,670 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symelam.cat
[2013.05.10 09:08:56 | 000,007,601 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symnet.cat
[2013.05.10 09:08:56 | 000,007,583 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symefa.cat
[2013.05.10 09:08:56 | 000,003,434 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symefa.inf
[2013.05.10 09:08:56 | 000,001,440 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symnet.inf
[2013.05.10 09:08:56 | 000,000,996 | R--- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symelam.inf
[2013.05.10 09:08:55 | 000,007,611 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.cat
[2013.05.10 09:08:55 | 000,007,593 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\iron.cat
[2013.05.10 09:08:55 | 000,007,581 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.cat
[2013.05.10 09:08:55 | 000,007,577 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symds.cat
[2013.05.10 09:08:55 | 000,007,577 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.cat
[2013.05.10 09:08:55 | 000,002,852 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\symds.inf
[2013.05.10 09:08:55 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.inf
[2013.05.10 09:08:55 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.inf
[2013.05.10 09:08:55 | 000,000,827 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.inf
[2013.05.10 09:08:55 | 000,000,737 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\iron.inf
[2013.05.10 09:08:17 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\1403010.016\isolate.ini
[2013.05.10 08:56:49 | 000,007,446 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2013.05.10 08:56:49 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2013.05.05 15:50:03 | 000,015,144 | ---- | C] () -- C:\Windows\System32\HWLMSET2PS.dll
[2013.04.21 19:03:43 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2013.04.21 19:03:39 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[2013.02.13 19:44:05 | 000,017,408 | ---- | C] () -- C:\Users\Angela\AppData\Local\WebpageIcons.db
[2013.02.10 21:45:28 | 000,010,851 | ---- | C] () -- C:\Users\Angela\.recently-used.xbel
[2012.11.07 13:41:13 | 000,021,860 | ---- | C] () -- C:\Users\Angela\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.08.13 23:11:46 | 000,007,602 | ---- | C] () -- C:\Users\Angela\AppData\Local\Resmon.ResmonCfg
[2011.06.07 09:35:15 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.07 09:33:32 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.12.14 11:24:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.12.09 10:17:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.29 09:18:08 | 000,000,032 | RHS- | C] () -- C:\Users\Angela\AppData\Local\t56.dat
[2010.06.30 20:48:44 | 000,003,584 | ---- | C] () -- C:\Users\Angela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.12 19:59:00 | 000,299,008 | ---- | C] () -- C:\Program Files\navigram_register.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Viele Grüße

Alt 24.05.2013, 22:14   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
FF - user.js - File not found
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.05.2013, 06:57   #23
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Ist erledigt, der logfile ist:

Code:
ATTFilter
All processes killed
========== OTL ==========
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Angela\Desktop\cmd.bat deleted successfully.
C:\Users\Angela\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 79762421 bytes
->Flash cache emptied: 57550 bytes
 
User: All Users
 
User: Angela
->Temp folder emptied: 84732801 bytes
->Temporary Internet Files folder emptied: 129928812 bytes
->Java cache emptied: 33861753 bytes
->FireFox cache emptied: 79778976 bytes
->Google Chrome cache emptied: 11812329 bytes
->Flash cache emptied: 69547 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1633392 bytes
RecycleBin emptied: 513560180 bytes
 
Total Files Cleaned = 892,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 05252013_074851

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\hsperfdata_ANGELA-NOTEBOOK$\1760 not found!
C:\Windows\temp\ib41 moved successfully.
C:\Windows\temp\ib42 moved successfully.
C:\Windows\temp\ib43 moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
Grüße

Alt 25.05.2013, 19:16   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.05.2013, 08:17   #25
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



der Logfile von Malwarebytes ist:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.26.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16576
Angela :: ANGELA-NOTEBOOK [administrator]

26.05.2013 21:44:34
mbam-log-2013-05-26 (21-44-34).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 465924
Time elapsed: 2 hour(s), 30 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Alt 27.05.2013, 09:09   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



ok, fehlt noch eset
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.05.2013, 21:48   #27
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Eset hat irgendwas auf meiner externen Festplatte gefunden :-(

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=08469e80275b0c4a96ee6b761950976e
# engine=13925
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-27 07:37:04
# local_time=2013-05-27 09:37:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3592 16777213 100 93 964478 120345920 0 0
# compatibility_mode=5893 16776574 100 94 4594160 121314615 0 0
# scanned=328923
# found=2
# cleaned=0
# scan_time=30518
sh=77116DB8957F067C77FFD3667A7F21B26A7C475F ft=0 fh=0000000000000000 vn="Win32/StartPage.OIE trojan" ac=I fn="G:\ANGELA-NOTEBOOK\Backup Set 2012-01-02 113910\Backup Files 2012-06-03 174903\Backup files 22.zip"
sh=B7EAC6FB7A5A2FD47A2599D066CE042C44C0FB45 ft=0 fh=0000000000000000 vn="Win32/StartPage.OIE trojan" ac=I fn="G:\ANGELA-NOTEBOOK\Backup Set 2012-07-28 152052\Backup Files 2012-07-28 152052\Backup files 32.zip"
         

Alt 27.05.2013, 21:58   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Das sind nur alte Backup-Sets, einfach mal löschen

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.05.2013, 08:35   #29
Angi23
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Hallo,

puh da bin ich erleichtert!

Wie stelle ich denn beim Firefox ein, dass alles beim Beenden des Browsers gelöscht wird?

Sonst ist eigentlich alles gut nur bei Firefox zeigt der in letzter Zeit immer an: Plugin funktioniert nicht-Skript stoppen oder weiter ausführen. Am Anfang war es nur Shockwave des habe ich dann neu runter geladen, manchmal ist es aber auch Abobe oder andere. Kann man da was dagegen machen?

Tausend Dank für die Hilfe!!!

Alt 29.05.2013, 09:25   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
AOL Mailadresse verschickt Spam - Standard

AOL Mailadresse verschickt Spam



Zitat:
Wie stelle ich denn beim Firefox ein, dass alles beim Beenden des Browsers gelöscht wird?
Extras => Privatspäre => benutzerdefiniert
Alternative: immer den privaten Modus verwenden

Zitat:
Kann man da was dagegen machen?
Erstell dir mal ein neues Profil und teste => Firefox-Profile erstellen und löschen | Hilfe zu Firefox
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu AOL Mailadresse verschickt Spam
angeblich, entfern, entfernt, kaspersky, konnte, laufe, laufen, link, mailadresse, monate, nichts, norton, spam, spammails, troja, trojaner, verschickt




Ähnliche Themen: AOL Mailadresse verschickt Spam


  1. Mailadresse versendet Spam Nachrichten.
    Log-Analyse und Auswertung - 22.05.2015 (14)
  2. web.de Mailadresse verschickt Spam
    Log-Analyse und Auswertung - 20.05.2015 (7)
  3. AOL Mail: Spam-Mails in meinem Namen (andere Mailadresse) an komplettes Adressbuch
    Log-Analyse und Auswertung - 11.04.2015 (19)
  4. Hotmail verschickt Spam
    Plagegeister aller Art und deren Bekämpfung - 19.12.2014 (15)
  5. Yahoo-Mail Account verschickt Spam, hinterlässt keine Spuren im Verschickt-Ordner Win8
    Plagegeister aller Art und deren Bekämpfung - 16.07.2014 (11)
  6. Spam wird scheinbar von einer eigenen Mailadresse versendet
    Überwachung, Datenschutz und Spam - 15.06.2014 (2)
  7. emailadresse verschickt spam
    Log-Analyse und Auswertung - 15.05.2013 (34)
  8. Eigene Mailadresse wird missbraucht um Spam-Mails zu versenden
    Log-Analyse und Auswertung - 05.04.2013 (1)
  9. Spam über GMX Konto verschickt
    Überwachung, Datenschutz und Spam - 01.01.2013 (5)
  10. web.de verschickt eigenständig Spam-mails
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (30)
  11. Mailadresse gekapert, verschickt böse links
    Plagegeister aller Art und deren Bekämpfung - 03.04.2012 (0)
  12. Spam-Mails von eigener E-Mailadresse
    Plagegeister aller Art und deren Bekämpfung - 05.03.2012 (11)
  13. Meine E-mailadresse verschickt automatisch links mit viren
    Plagegeister aller Art und deren Bekämpfung - 20.01.2012 (5)
  14. Msn verschickt Spam!
    Plagegeister aller Art und deren Bekämpfung - 12.05.2011 (29)
  15. Extrem zugemüllter PC, Spam-Versand über gespeicherte Mailadresse
    Log-Analyse und Auswertung - 02.10.2010 (1)
  16. PC verschickt SPAM!!!
    Plagegeister aller Art und deren Bekämpfung - 22.01.2008 (1)
  17. Services.exe verschickt Spam
    Plagegeister aller Art und deren Bekämpfung - 01.09.2007 (1)

Zum Thema AOL Mailadresse verschickt Spam - aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Starte die aswMBR.exe - ( aswMBR.exe Anleitung ) Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator - AOL Mailadresse verschickt Spam...
Archiv
Du betrachtest: AOL Mailadresse verschickt Spam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.