Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Netbook seeehr langsam, Windows-Update funktioniert nicht

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.02.2012, 20:53   #1
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Hallo,
ich habe ein übles Trojaner-Problem auf dem Netbook meiner Freundin. Der PC läuft sehr sehr langsam und das Problem lässt sich trotz diverser Viren-Check-Ups nicht beheben.

Ich habe schon die Vorschläge auf dem nachfolgenden Thread probiert, aber ich komme echt nicht weiter. http://www.trojaner-board.de/103488-...entfernen.html

Zum Netbook: HP 210 mini, Intel Atom N450 1.6GHz, 1GB RAM, 250GB HDD, Intel GMA 3150, Win 7 Starter, Standard-Antivirus: AntiVir
Folgende Programme habe ich bereits ausprobiert: AntiVir, ESET, OTL-Fix, TDSS-Killer, OSAM, Malwarebytes (2x), SUPERAntispyware (2x), Microsoft Windows Fix it! (das Windows-Update geht nicht), TuneUp-Utilities
Die Logs der einzelnen Programme kann ich gerne posten.

Bitte helft mir, ich bin echt am Verzweifeln!

Viele Grüße,
Carsten

Alt 02.02.2012, 06:53   #2
kira
/// Helfer-Team
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen
► wie hast Du erfahren, dass Du ein Schadprogramm auf dem Rechner hast?
► Falls es Meldung/Bericht von deinem Antivirenprogramm oder andere Schutzprogramme gibt, bitte posten! Was gefunden und vor allem wo...
► Beschreibe, welche Versuche du unternommen hast, um das Problem zu lösen (die schon vorhandenen Ergebnisse auch posten)

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
  • Installieren und per Doppelklick starten.
  • Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
  • "Komplett Scan durchführen" wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira
__________________

__________________

Alt 02.02.2012, 18:45   #3
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Hallo kira,

danke schonmal für deine Hilfe!

1. AntiVir zeigt mir immer wieder Trojaner an, die trotz der Scans immer wieder auftauchen. Z.B.: TR/Dropper.Gen8, TR/Crypt.XPack.Gen2 und TR/Crypt.ZPack.Gen2

2.
Hier einige Ereignisse von Antivir:

30.1.2012:

In der Datei 'C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

In der Datei 'C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dropper.Gen8' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

In der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

31.1.2012:

In der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

In der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

01.02.2012:

In der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

In der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern


3.
Ich habe folgender Programme ausgeführt: AntiVir, ESET, OTL-Fix, TDSS-Killer, OSAM, Malwarebytes (2x), SUPERAntispyware (2x), Microsoft Windows Fix it! (das Windows-Update geht nicht), TuneUp-Utilities

Leider wurden nur bei SUPERAntiSpyware ein paar Fehler erkannt.

Hier ist auch das Ergebnis des letzten Malwarebytes-Suchlaufs (habe ich vorgestern Abend gestartet).


PHP-Code:
Malwarebytes Anti-Malware (Test1.60.1.1000
www
.malwarebytes.org

Datenbank Version
v2012.01.31.08

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Mareike 
:: MAREIKES [Administrator]

SchutzDeaktiviert

31.01.2012 19
:57:10
mbam
-log-2012-01-31 (19-57-10).txt

Art des Suchlaufs
Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen
Speicher Autostart Registrierung Dateisystem Heuristiks/Extra HeuristiKs/Shuriken PUP PUM
Deaktivierte Suchlaufeinstellungen
P2P
Durchsuchte Objekte
333145
Laufzeit
19 Stunde(n), 15 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien0
(Keine bösartigen Objekte gefunden)

(
Ende

Ich werde jetzt den OTL-Suchlauf starten und meld mich dann nochmal.

Gruß,
Carsten
__________________

Alt 03.02.2012, 08:41   #4
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Hallo,

ich habe jetzt den OTL-Scan und den CCleaner ausgeführt.
Die Extras-Datei habe ich nicht gefunden.
Irgendwie hat OTL auch keinen Fortschritt / Status während des Scans ausgeführt.

Hier sind die gewünschten Logs:


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.02.2012 20:18:54 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mareike\Downloads
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
987,48 Mb Total Physical Memory | 401,68 Mb Available Physical Memory | 40,68% Memory free
1,96 Gb Paging File | 1,19 Gb Available in Paging File | 60,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,97 Gb Total Space | 184,45 Gb Free Space | 83,48% Space Free | Partition Type: NTFS
Drive D: | 11,62 Gb Total Space | 1,94 Gb Free Space | 16,68% Space Free | Partition Type: NTFS
Drive E: | 99,18 Mb Total Space | 95,09 Mb Free Space | 95,88% Space Free | Partition Type: FAT32
 
Computer Name: MAREIKES | User Name: Mareike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mareike\Downloads\24960-OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\stacsv.exe (IDT, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\SPLASH.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\AEstSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\stacsv.exe (IDT, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (DvmMDES) -- C:\SPLASH.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (DVMIO) -- C:\SPLASH.SYS\config\dvmio.sys (DeviceVM, Inc.)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (HpqKbFiltr) -- C:\Windows\system32\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6483
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ALSV5&o=1665&locale=de_DE&apn_uid=D0A8B27F-A462-47D7-A71F-8766C13F1844&apn_ptnrs=AU&apn_sauid=44F7C7E8-FAB7-4C3F-BF95-3FBF64138B09&apn_dtid=YYYYYYYYDE&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.02 17:54:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.25 19:21:17 | 000,000,000 | ---D | M]
 
[2010.09.30 12:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mareike\AppData\Roaming\mozilla\Extensions
[2012.01.26 18:59:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mareike\AppData\Roaming\mozilla\Firefox\Profiles\bqgdgght.default\extensions
[2012.01.26 18:59:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mareike\AppData\Roaming\mozilla\Firefox\Profiles\bqgdgght.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.02.02 17:56:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.10.15 11:00:31 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.02.02 17:55:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2012.02.02 17:55:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.02.02 17:54:39 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.02 17:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.06.09 21:15:35 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.02 17:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.02 17:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.02 17:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.02 17:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.02 17:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.01.24 19:16:55 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Programme\Oceanis\SystemSetting\StarterHelper.dll (Oceanis)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP] C:\Programme\Hewlett-Packard\HP QuickSync\QuickSync.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F11C8BB-71C2-44B7-BC6F-D474F27A1500}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{51ef28be-61bd-11e0-bd0f-8b77559d3e1f}\Shell - "" = AutoRun
O33 - MountPoints2\{51ef28be-61bd-11e0-bd0f-8b77559d3e1f}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.02 20:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.02.02 20:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.30 21:14:32 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.01.30 21:14:31 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.01.30 21:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.01.30 21:08:31 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\TuneUp Software
[2012.01.30 21:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012.01.30 20:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.01.30 20:55:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.01.25 23:12:33 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\Malwarebytes
[2012.01.25 23:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.25 23:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.25 20:36:13 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.01.25 20:36:13 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.01.25 20:36:13 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.01.24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\SUPERAntiSpyware.com
[2012.01.24 21:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.01.24 21:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.01.24 21:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.01.24 20:40:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.01.24 19:02:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.23 18:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.01.04 13:53:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.04 13:44:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.01.04 13:44:15 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.01.04 13:44:14 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.01.04 13:44:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.01.04 13:44:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.01.04 13:44:12 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.01.04 13:44:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.01.04 13:44:12 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.01.04 13:44:11 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.01.04 13:44:11 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.01.04 13:44:11 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.01.04 13:44:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.01.04 13:44:01 | 002,340,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.01.04 13:43:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.01.04 13:42:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.01.04 13:42:50 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.01.04 13:39:11 | 003,901,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.01.04 13:39:10 | 003,957,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.02 20:42:35 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2012.02.02 20:12:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cce1de99775ddb.job
[2012.02.02 20:05:33 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.02 06:11:25 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.02 06:11:25 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.02 05:57:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.02 05:57:04 | 776,581,120 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.31 18:56:45 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat
[2012.01.31 18:39:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.30 21:13:57 | 000,002,159 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.01.30 21:13:57 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.01.24 21:55:27 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.24 21:36:06 | 197,769,965 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.24 19:16:55 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.01.23 18:40:43 | 000,659,004 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.23 18:40:43 | 000,620,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.23 18:40:43 | 000,132,542 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.23 18:40:43 | 000,108,332 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.14 13:14:24 | 000,007,597 | ---- | M] () -- C:\Users\Mareike\AppData\Local\Resmon.ResmonCfg
[2012.01.05 13:36:29 | 000,362,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.04 13:53:21 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
 
========== Files Created - No Company Name ==========
 
[2012.02.02 20:12:26 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cce1de99775ddb.job
[2012.02.02 20:05:33 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.31 18:56:45 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat
[2012.01.30 21:13:57 | 000,002,159 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.01.30 21:13:57 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.01.30 21:13:31 | 000,002,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.01.25 23:12:03 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.25 23:11:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\mbam.sys
[2012.01.24 21:55:27 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.24 20:39:39 | 197,769,965 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.14 13:14:24 | 000,007,597 | ---- | C] () -- C:\Users\Mareike\AppData\Local\Resmon.ResmonCfg
[2012.01.04 13:53:21 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.08.18 15:39:29 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011.08.18 15:39:29 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2011.04.08 12:03:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011.04.08 12:03:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011.04.08 12:03:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011.04.08 12:01:58 | 000,017,047 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.04.02 11:55:22 | 000,001,849 | ---- | C] () -- C:\Users\Mareike\AppData\Roaming\GhostObjGAFix.xml
[2010.10.15 11:03:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.30 12:55:24 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.24 02:05:09 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.12.24 01:59:25 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.12.24 01:57:33 | 000,000,276 | ---- | C] () -- C:\Windows\System32\RStoneLog2.ini
[2009.12.24 01:57:33 | 000,000,217 | ---- | C] () -- C:\Windows\System32\RStoneLog.ini
[2009.11.21 05:48:09 | 000,659,004 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.11.21 05:48:09 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.11.21 05:48:09 | 000,132,542 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.11.21 05:48:09 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.09.27 13:49:50 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,362,728 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,620,150 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,108,332 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 23:09:19 | 001,498,564 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F8435088

< End of report >
         
--- --- ---

[/PHP]


CCleaner:

PHP-Code:
7-Zip 9.20        22.06.2011        
Acrobat
.com    Adobe Systems Incorporated    19.11.2009    1,61MB    1.6.65
Adobe AIR    Adobe Systems Inc
.    23.12.2009        1.5.1.8210
Adobe Flash Player 10 ActiveX    Adobe Systems Incorporated    23.12.2009        10.0.32.18
Adobe Flash Player 10 Plugin    Adobe Systems Incorporated    27.06.2011    6
,00MB    10.3.181.26
Adobe Reader X 
(10.1.2) - Deutsch    Adobe Systems Incorporated    24.01.2012    167,7MB    10.1.2
ArcSoft WebCam Companion 3    ArcSoft    19.11.2009    78
,1MB    3.0.189
Auslogics Disk Defrag    Auslogics Software Pty Ltd    29.11.2010    9
,19MB    version 3.1
Auslogics Toolbar    Ask
.com    23.01.2012    5,19MB    1.14.1.0
Auslogics Toolbar Updater    Ask
.com    23.01.2012        1.2.0.20007
Avira AntiVir Personal 
Free Antivirus    Avira GmbH    30.10.2011    74,3MB    10.2.0.704
Bing Bar    Microsoft Corporation    04.01.2012    26
,8MB    7.0.850.0
Broadcom 802.11 Wireless LAN Adapter    Broadcom Corporation    24.12.2009        5.60.18.41
CCleaner    Piriform    01.02.2012        3.15
Compatibility Pack für 2007 Office System    Microsoft Corporation    04.01.2012    168
,8MB    12.0.6425.1000
CyberLink DVD Suite    CyberLink Corp
.    19.11.2009    37,2MB    7.0.2118
Diablo II        07.04.2011        
ESET Online Scanner v3        22.01.2012        
Google Chrome    Google Inc
.    01.02.2012        16.0.912.77
HP CloudDrive        29.09.2010        
HP Games    WildTangent    23.12.2009        1.0.0.71
HP MediaStream    Simplify Media    29.09.2010    41
,2MB    2.5.1466
HP Quick Launch Buttons    Hewlett
-Packard    19.11.2009        6.50.7.1
HP QuickSync    Hewlett
-Packard    23.12.2009    136,4MB    5.1.234.4788
HP QuickWeb    DeviceVM
Inc.    23.12.2009    373MB    1.1.2.2
HP Setup    Hewlett
-Packard    19.11.2009        1.2.3560.3170
HP Support Assistant    Hewlett
-Packard Company    21.06.2011    71,2MB    5.2.9.2
HP Update    Hewlett
-Packard    20.11.2009    2,97MB    5.001.000.014
HP User Guides 0169    Hewlett
-Packard    19.11.2009    100,1MB    1.01.0000
HP Wireless Assistant    Hewlett
-Packard    20.11.2009    3,93MB    3.50.10.1
IDT Audio    IDT    23.12.2009        1.0.6246.0
Intel
(RGraphics Media Accelerator Driver    Intel Corporation    23.12.2009    54,3MB    8.14.10.1929
Intel
(RMatrix Storage Manager    Intel Corporation    23.12.2009        
Java
(TM6 Update 30    Sun MicrosystemsInc.    19.11.2009    97,7MB    6.0.300
Malwarebytes Anti
-Malware Version 1.60.1.1000    Malwarebytes Corporation    30.01.2012    17,3MB    1.60.1.1000
Microsoft 
.NET Framework 4 Client Profile    Microsoft Corporation    16.12.2010    38,8MB    4.0.30319
Microsoft Office Home 
and Student 2007    Microsoft Corporation    17.10.2010        12.0.6425.1000
Microsoft Office PowerPoint Viewer 2007 
(German)    Microsoft Corporation    04.01.2012    122,1MB    12.0.6425.1000
Microsoft Office Suite Activation Assistant    Microsoft Corporation    19.11.2009    8
,37MB    2.9
Microsoft Silverlight    Microsoft Corporation    31.10.2011    148
,5MB    4.0.60831.0
Microsoft SQL Server 2005 Compact Edition 
[ENU]    Microsoft Corporation    19.11.2009    1,72MB    3.1.0000
Microsoft Sync Framework Runtime Native v1.0 
(x86)    Microsoft Corporation    23.12.2009    0,61MB    1.0.1215.0
Microsoft Sync Framework Services Native v1.0 
(x86)    Microsoft Corporation    23.12.2009    1,45MB    1.0.1215.0
Microsoft Visual C
++ 2005 ATL Update kb973923 x86 8.0.50727.4053    Microsoft Corporation    17.10.2010    0,25MB    8.0.50727.4053
Microsoft Visual C
++ 2005 Redistributable    Microsoft Corporation    15.06.2011    0,29MB    8.0.61001
Microsoft Visual C
++ 2008 Redistributable KB2467174 x86 9.0.30729.5570    Microsoft Corporation    13.04.2011    0,58MB    9.0.30729.5570
Microsoft Visual C
++ 2008 Redistributable x86 9.0.30729.4148    Microsoft Corporation    23.12.2009    0,58MB    9.0.30729.4148
Microsoft Visual C
++ 2008 Redistributable x86 9.0.30729.6161    Microsoft Corporation    15.06.2011    0,59MB    9.0.30729.6161
Microsoft Works    Microsoft Corporation    15.12.2010    711MB    9.7.0621
Mozilla Firefox 9.0.1 
(x86 de)    Mozilla    01.02.2012    38,3MB    9.0.1
Oceanis Change Background Windows 7    Oceanis    22.06.2011    6
,80MB    1.0
OpenOffice
.org 3.2    OpenOffice.org    12.11.2010    363MB    3.2.9502
Power2Go    CyberLink Corp
.    19.11.2009    199,3MB    6.0.3318
Realtek Ethernet Controller Driver 
For Windows Vista and Later    Realtek    23.12.2009        1.00.0010
Realtek USB 2.0 Card Reader    Realtek Semiconductor Corp
.    23.12.2009        6.1.7600.30104
SecureW2 EAP Suite 1.1.3 
for Windows        30.10.2011        
Skype Toolbars    Skype Technologies S
.A.    14.10.2010    7,05MB    5.0.4112
Skype
&#8482; 5.5    Skype Technologies S.A.    03.01.2012    17,0MB    5.5.124
SUPERAntiSpyware    SUPERAntiSpyware.com    23.01.2012    81,3MB    5.0.1142
Synaptics Pointing Device Driver    Synaptics Incorporated    23.12.2009        14.0.13.1
Times Reader    The 
New York Times Company    23.12.2009    2,51MB    2.055
TuneUp Utilities 2012    TuneUp Software    29.01.2012        12.0.2160.11
Windows Live Anmelde
-Assistent    Microsoft Corporation    19.11.2009    1,94MB    5.000.818.5
Windows Live Essentials    Microsoft Corporation    19.11.2009        14.0.8089.0726
Windows Live Sync    Microsoft Corporation    19.11.2009    2
,79MB    14.0.8089.726
Windows Live
-Uploadtool    Microsoft Corporation    19.11.2009    0,22MB    14.0.8014.1029 



Übrigens: Das Netbook läuft seit heute morgen wieder normal.
Wieso, kann ich mir auch nicht erklären...


Viele Grüße und danke,

Carsten



P.S.: Ich hab am Wochenende leider kein Internet. Die nächste Antwort kann also ein bissl auf sich warten lassen.

Geändert von carsten87 (03.02.2012 um 08:47 Uhr)

Alt 03.02.2012, 10:40   #5
kira
/// Helfer-Team
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



1.
Zitat:
Zitat von carsten87 Beitrag anzeigen
3.
Ich habe folgender Programme ausgeführt: AntiVir, ESET, OTL-Fix, TDSS-Killer, OSAM, Malwarebytes (2x), SUPERAntispyware (2x),
Bitte poste mir alle Protokolle!

außerdem:

2.
Deinstalliere:
Zitat:
Auslogics Disk Defrag Auslogics Software Pty Ltd 29.11.2010 9,19MB version 3.1
Auslogics Toolbar Ask.com 23.01.2012 5,19MB 1.14.1.0
Auslogics Toolbar Updater Ask.com 23.01.2012 1.2.0.20007
Bing Bar Microsoft Corporation 04.01.2012 26,8MB 7.0.850.0
3.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 06.02.2012, 11:40   #6
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Hallo kira,

1.
Das AntiVir-Log finde ich nicht mehr. Hier die anderen:

ESET:
PHP-Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6612caf2b6fa5c4ca361823f5afa7d21
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-24 07:14:45
# local_time=2012-01-24 08:14:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=1797 16775165 100 94 6671 63873539 0 0
# compatibility_mode=5893 16776573 100 94 372808 78972867 0 0
# compatibility_mode=8192 67108863 100 0 3981 3981 0 0
# scanned=162659
# found=1
# cleaned=0
# scan_time=47623
C:\Users\Mareike\Downloads\SoftonicDownloader_fuer_auslogics-disk-defrag.exe    a variant of Win32/SoftonicDownloader.A application (unable to clean)    00000000000000000000000000000000    I 
OTL-Fix:

PHP-Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:/value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:/value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fd8da4-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96fd8da4-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fd8da4-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96fd8da4-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fd8da4-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96fd8da4-7bdc-11df-b171-18a905d095be}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fd8dbf-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96fd8dbf-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fd8dbf-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96fd8dbf-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96fd8dbf-7bdc-11df-b171-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96fd8dbf-7bdc-11df-b171-18a905d095be}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5b3f0c9-7fc6-11df-8771-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5b3f0c9-7fc6-11df-8771-18a905d095be}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5b3f0c9-7fc6-11df-8771-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5b3f0c9-7fc6-11df-8771-18a905d095be}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5b3f0c9-7fc6-11df-8771-18a905d095be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5b3f0c9-7fc6-11df-8771-18a905d095be}\ not found.
File D:\AutoRun.exe not found.
========== 
COMMANDS ==========
 
[
EMPTYTEMP]
 
UserAdministrator
 
User
All Users
 
User
: Default
->
Temp folder emptied0 bytes
->Temporary Internet Files folder emptied33170 bytes
 
User
: Default User
 
User
Mareike
->Temp folder emptied458415343 bytes
->Temporary Internet Files folder emptied91993107 bytes
->Java cache emptied588550 bytes
->FireFox cache emptied50358720 bytes
->Google Chrome cache emptied6341937 bytes
->Flash cache emptied105810 bytes
 
User
: Public
 
%
systemdrive% .tmp files removed0 bytes
%systemroot% .tmp files removed0 bytes
%systemroot%\System32 .tmp files removed0 bytes
%systemroot%\System32\drivers .tmp files removed0 bytes
Windows Temp folder emptied
105147705 bytes
RecycleBin emptied
0 bytes
 
Total Files Cleaned 
680,00 mb
 
C
:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer 
Version 3.2.31.0 log created on 01242012_190232

Files
\Folders moved on Reboot...

Registry entries deleted on Reboot... 
TDSS-Killer:
PHP-Code:
19:49:39.0900 3836    TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
19
:50:08.0230 3836    ============================================================
19:50:08.0230 3836    Current date time2012/01/24 19:50:08.0230
19
:50:08.0230 3836    SystemInfo:
19:50:08.0230 3836    
19
:50:08.0231 3836    OS Version6.1.7600 ServicePack0.0
19
:50:08.0231 3836    Product typeWorkstation
19
:50:08.0231 3836    ComputerNameMAREIKES
19
:50:08.0232 3836    UserNameMareike
19
:50:08.0232 3836    Windows directoryC:\Windows
19
:50:08.0232 3836    System windows directoryC:\Windows
19
:50:08.0232 3836    Processor architectureIntel x86
19
:50:08.0233 3836    Number of processors2
19
:50:08.0233 3836    Page size0x1000
19
:50:08.0233 3836    Boot typeNormal boot
19
:50:08.0233 3836    ============================================================
19:50:08.0961 3836    Drive \Device\Harddisk0\DR0 Size0x3A38B2E000 (232.89 Gb), SectorSize0x200Cylinders0x76C1SectorsPerTrack0x3FTracksPerCylinder0xFFType 'K0'Flags 0x00000050
19
:50:08.0972 3836    Drive \Device\Harddisk1\DR1 Size0xF5CD4000 (3.84 Gb), SectorSize0x200Cylinders0x1F5SectorsPerTrack0x3FTracksPerCylinder0xFFType 'W'
19:50:09.0210 3836    Initialize success
19
:51:32.0522 2976    ============================================================
19:51:32.0522 2976    Scan started
19
:51:32.0522 2976    ModeManual
19:51:32.0522 2976    ============================================================
19:51:33.0193 2976    1394ohci        (6d2aca41739bfe8cb86ee8e85f29697dC:\Windows\system32\DRIVERS\1394ohci.sys
19
:51:33.0239 2976    1394ohci ok
19
:51:33.0411 2976    ACPI            (f0e07d144c8685b8774bc32fc8da4df0C:\Windows\system32\DRIVERS\ACPI.sys
19
:51:33.0442 2976    ACPI ok
19
:51:36.0281 2976    AcpiPmi         (98d81ca942d19f7d9153b095162ac013C:\Windows\system32\DRIVERS\acpipmi.sys
19
:51:57.0995 2976    AcpiPmi ok
19
:51:58.0151 2976    adp94xx         (21e785ebd7dc90a06391141aac7892fbC:\Windows\system32\DRIVERS\adp94xx.sys
19
:51:58.0292 2976    adp94xx ok
19
:51:58.0323 2976    adpahci         (0c676bc278d5b59ff5abd57bbe9123f2C:\Windows\system32\DRIVERS\adpahci.sys
19
:51:58.0401 2976    adpahci ok
19
:51:58.0448 2976    adpu320         (7c7b5ee4b7b822ec85321fe23a27db33C:\Windows\system32\DRIVERS\adpu320.sys
19
:51:58.0541 2976    adpu320 ok
19
:51:58.0744 2976    AFD             (0db7a48388d54d154ebec120461a0fcdC:\Windows\system32\drivers\afd.sys
19
:51:58.0760 2976    AFD ok
19
:51:58.0853 2976    agp440          (507812c3054c21cef746b6ee3d04dd6eC:\Windows\system32\DRIVERS\agp440.sys
19
:51:58.0853 2976    agp440 ok
19
:51:58.0978 2976    aic78xx         (8b30250d573a8f6b4bd23195160d8707C:\Windows\system32\DRIVERS\djsvs.sys
19
:51:58.0978 2976    aic78xx ok
19
:51:59.0025 2976    aliide          (0d40bcf52ea90fc7df2aeab6503dea44C:\Windows\system32\DRIVERS\aliide.sys
19
:51:59.0025 2976    aliide ok
19
:51:59.0056 2976    amdagp          (3c6600a0696e90a463771c7422e23ab5C:\Windows\system32\DRIVERS\amdagp.sys
19
:51:59.0056 2976    amdagp ok
19
:51:59.0087 2976    amdide          (cd5914170297126b6266860198d1d4f0C:\Windows\system32\DRIVERS\amdide.sys
19
:51:59.0087 2976    amdide ok
19
:51:59.0119 2976    AmdK8           (00dda200d71bac534bf56a9db5dfd666C:\Windows\system32\DRIVERS\amdk8.sys
19
:51:59.0119 2976    AmdK8 ok
19
:51:59.0150 2976    AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6C:\Windows\system32\DRIVERS\amdppm.sys
19
:51:59.0150 2976    AmdPPM ok
19
:51:59.0181 2976    amdsata         (19ce906b4cdc11fc4fef5745f33a63b6C:\Windows\system32\drivers\amdsata.sys
19
:51:59.0197 2976    amdsata ok
19
:51:59.0243 2976    amdsbs          (ea43af0c423ff267355f74e7a53bdabaC:\Windows\system32\DRIVERS\amdsbs.sys
19
:51:59.0259 2976    amdsbs ok
19
:51:59.0275 2976    amdxata         (869e67d66be326a5a9159fba8746fa70C:\Windows\system32\drivers\amdxata.sys
19
:51:59.0275 2976    amdxata ok
19
:51:59.0384 2976    AppID           (feb834c02ce1e84b6a38f953ca067706C:\Windows\system32\drivers\appid.sys
19
:51:59.0384 2976    AppID ok
19
:51:59.0446 2976    arc             (2932004f49677bd84dbc72edb754ffb3C:\Windows\system32\DRIVERS\arc.sys
19
:51:59.0446 2976    arc ok
19
:51:59.0493 2976    arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7C:\Windows\system32\DRIVERS\arcsas.sys
19
:51:59.0509 2976    arcsas ok
19
:51:59.0540 2976    AsyncMac        (add2ade1c2b285ab8378d2daaf991481C:\Windows\system32\DRIVERS\asyncmac.sys
19
:51:59.0540 2976    AsyncMac ok
19
:51:59.0571 2976    atapi           (338c86357871c167a96ab976519bf59eC:\Windows\system32\DRIVERS\atapi.sys
19
:51:59.0571 2976    atapi ok
19
:51:59.0665 2976    athr            (76bab0c824e2d05b940c4dd40a9b08bfC:\Windows\system32\DRIVERS\athr.sys
19
:51:59.0727 2976    athr ok
19
:51:59.0821 2976    avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4bC:\Windows\system32\DRIVERS\avgntflt.sys
19
:51:59.0821 2976    avgntflt ok
19
:51:59.0883 2976    avipbb          (0f78d3dae6dedd99ae54c9491c62adf2C:\Windows\system32\DRIVERS\avipbb.sys
19
:51:59.0899 2976    avipbb ok
19
:51:59.0977 2976    b06bdrv         (1a231abec60fd316ec54c66715543cecC:\Windows\system32\DRIVERS\bxvbdx.sys
19
:51:59.0992 2976    b06bdrv ok
19
:52:00.0039 2976    b57nd60x        (bd8869eb9cde6bbe4508d869929869eeC:\Windows\system32\DRIVERS\b57nd60x.sys
19
:52:00.0055 2976    b57nd60x ok
19
:52:00.0663 2976    BCM43XX         (3508fd340c8b0fbbdb548f174d48762eC:\Windows\system32\DRIVERS\bcmwl6.sys
19
:52:00.0757 2976    BCM43XX ok
19
:52:00.0991 2976    Beep            (505506526a9d467307b3c393dedaf858C:\Windows\system32\drivers\Beep.sys
19
:52:01.0053 2976    Beep ok
19
:52:01.0181 2976    blbdrive        (2287078ed48fcfc477b05b20cf38f36fC:\Windows\system32\DRIVERS\blbdrive.sys
19
:52:01.0212 2976    blbdrive ok
19
:52:01.0278 2976    bowser          (9a5c671b7fbae4865149bb11f59b91b2C:\Windows\system32\DRIVERS\bowser.sys
19
:52:01.0363 2976    bowser ok
19
:52:01.0393 2976    BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309C:\Windows\system32\DRIVERS\BrFiltLo.sys
19
:52:01.0451 2976    BrFiltLo ok
19
:52:01.0474 2976    BrFiltUp        (56801ad62213a41f6497f96dee83755aC:\Windows\system32\DRIVERS\BrFiltUp.sys
19
:52:01.0508 2976    BrFiltUp ok
19
:52:01.0594 2976    Brserid         (845b8ce732e67f3b4133164868c666eaC:\Windows\System32\Drivers\Brserid.sys
19
:52:01.0678 2976    Brserid ok
19
:52:01.0715 2976    BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6bC:\Windows\System32\Drivers\BrSerWdm.sys
19
:52:01.0768 2976    BrSerWdm ok
19
:52:01.0788 2976    BrUsbMdm        (bd456606156ba17e60a04e18016ae54bC:\Windows\System32\Drivers\BrUsbMdm.sys
19
:52:01.0817 2976    BrUsbMdm ok
19
:52:01.0836 2976    BrUsbSer        (af72ed54503f717a43268b3cc5faec2eC:\Windows\System32\Drivers\BrUsbSer.sys
19
:52:01.0862 2976    BrUsbSer ok
19
:52:01.0880 2976    BTHMODEM        (ed3df7c56ce0084eb2034432fc56565aC:\Windows\system32\DRIVERS\bthmodem.sys
19
:52:01.0919 2976    BTHMODEM ok
19
:52:01.0998 2976    cdfs            (77ea11b065e0a8ab902d78145ca51e10C:\Windows\system32\DRIVERS\cdfs.sys
19
:52:02.0042 2976    cdfs ok
19
:52:02.0099 2976    cdrom           (ba6e70aa0e6091bc39de29477d866a77C:\Windows\system32\DRIVERS\cdrom.sys
19
:52:02.0129 2976    cdrom ok
19
:52:02.0167 2976    circlass        (3fe3fe94a34df6fb06e6418d0f6a0060C:\Windows\system32\DRIVERS\circlass.sys
19
:52:02.0208 2976    circlass ok
19
:52:02.0294 2976    CLFS            (635181e0e9bbf16871bf5380d71db02dC:\Windows\system32\CLFS.sys
19
:52:02.0372 2976    CLFS ok
19
:52:02.0435 2976    CmBatt          (dea805815e587dad1dd2c502220b5616C:\Windows\system32\DRIVERS\CmBatt.sys
19
:52:02.0450 2976    CmBatt ok
19
:52:02.0497 2976    cmdide          (c537b1db64d495b9b4717b4d6d9edbf2C:\Windows\system32\DRIVERS\cmdide.sys
19
:52:02.0528 2976    cmdide ok
19
:52:02.0606 2976    CNG             (1b675691ed940766149c93e8f4488d68C:\Windows\system32\Drivers\cng.sys
19
:52:02.0684 2976    CNG ok
19
:52:02.0794 2976    Compbatt        (a6023d3823c37043986713f118a89beeC:\Windows\system32\DRIVERS\compbatt.sys
19
:52:02.0825 2976    Compbatt ok
19
:52:02.0872 2976    CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6C:\Windows\system32\DRIVERS\CompositeBus.sys
19
:52:02.0887 2976    CompositeBus ok
19
:52:02.0934 2976    crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1C:\Windows\system32\DRIVERS\crcdisk.sys
19
:52:02.0950 2976    crcdisk ok
19
:52:11.0249 2976    DfsC            (83d1ecea8faae75604c0fa49ac7ad996C:\Windows\system32\Drivers\dfsc.sys
19
:52:11.0280 2976    DfsC ok
19
:52:22.0231 2976    discache        (1a050b0274bfb3890703d490f330c0daC:\Windows\system32\drivers\discache.sys
19
:52:27.0707 2976    discache ok
19
:52:27.0769 2976    Disk            (565003f326f99802e68ca78f2a68e9ffC:\Windows\system32\DRIVERS\disk.sys
19
:52:27.0834 2976    Disk ok
19
:52:27.0909 2976    drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4C:\Windows\system32\drivers\drmkaud.sys
19
:52:27.0950 2976    drmkaud ok
19
:52:28.0059 2976    DVMIO           (8cf55015b2a443ee869c90cab31fd435C:\SPLASH.SYS\config\dvmio.sys
19
:52:28.0103 2976    DVMIO ok
19
:52:28.0335 2976    DXGKrnl         (1679a4669326cb1a67cc95658d273234C:\Windows\System32\drivers\dxgkrnl.sys
19
:52:28.0416 2976    DXGKrnl ok
19
:52:28.0680 2976    ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0C:\Windows\system32\DRIVERS\evbdx.sys
19
:52:28.0874 2976    ebdrv ok
19
:52:28.0988 2976    elxstor         (0ed67910c8c326796faa00b2bf6d9d3cC:\Windows\system32\DRIVERS\elxstor.sys
19
:52:29.0066 2976    elxstor ok
19
:52:29.0112 2976    ErrDev          (8fc3208352dd3912c94367a206ab3f11C:\Windows\system32\DRIVERS\errdev.sys
19
:52:29.0144 2976    ErrDev ok
19
:52:29.0315 2976    exfat           (2dc9108d74081149cc8b651d3a26207fC:\Windows\system32\drivers\exfat.sys
19
:52:29.0346 2976    exfat ok
19
:52:29.0456 2976    fastfat         (7e0ab74553476622fb6ae36f73d97d35C:\Windows\system32\drivers\fastfat.sys
19
:52:29.0502 2976    fastfat ok
19
:52:29.0549 2976    fdc             (e817a017f82df2a1f8cfdbda29388b29C:\Windows\system32\DRIVERS\fdc.sys
19
:52:29.0580 2976    fdc ok
19
:52:29.0705 2976    FileInfo        (6cf00369c97f3cf563be99be983d13d8C:\Windows\system32\drivers\fileinfo.sys
19
:52:29.0736 2976    FileInfo ok
19
:52:29.0783 2976    Filetrace       (42c51dc94c91da21cb9196eb64c45db9C:\Windows\system32\drivers\filetrace.sys
19
:52:29.0814 2976    Filetrace ok
19
:52:29.0986 2976    flpydisk        (87907aa70cb3c56600f1c2fb8841579bC:\Windows\system32\DRIVERS\flpydisk.sys
19
:52:30.0017 2976    flpydisk ok
19
:52:30.0080 2976    FltMgr          (7520ec808e0c35e0ee6f841294316653C:\Windows\system32\drivers\fltmgr.sys
19
:52:30.0111 2976    FltMgr ok
19
:52:30.0189 2976    FsDepends       (1a16b57943853e598cff37fe2b8cbf1dC:\Windows\system32\drivers\FsDepends.sys
19
:52:30.0220 2976    FsDepends ok
19
:52:30.0314 2976    Fs_Rec          (a574b4360e438977038aae4bf60d79a2C:\Windows\system32\drivers\Fs_Rec.sys
19
:52:30.0345 2976    Fs_Rec ok
19
:52:30.0454 2976    fvevol          (dafbd9fe39197495aed6d51f3b85b5d2C:\Windows\system32\DRIVERS\fvevol.sys
19
:52:30.0532 2976    fvevol ok
19
:52:30.0610 2976    gagp30kx        (65ee0c7a58b65e74ae05637418153938C:\Windows\system32\DRIVERS\gagp30kx.sys
19
:52:30.0657 2976    gagp30kx ok
19
:52:30.0766 2976    hcw85cir        (c44e3c2bab6837db337ddee7544736dbC:\Windows\system32\drivers\hcw85cir.sys
19
:52:30.0860 2976    hcw85cir ok
19
:52:30.0906 2976    HdAudAddService (3530cad25deba7dc7de8bb51632cbc5fC:\Windows\system32\drivers\HdAudio.sys
19
:52:30.0953 2976    HdAudAddService ok
19
:52:31.0047 2976    HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bfC:\Windows\system32\DRIVERS\HDAudBus.sys
19
:52:31.0047 2976    HDAudBus ok
19
:52:31.0078 2976    HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36C:\Windows\system32\DRIVERS\HidBatt.sys
19
:52:31.0140 2976    HidBatt ok
19
:52:31.0187 2976    HidBth          (89448f40e6df260c206a193a4683ba78C:\Windows\system32\DRIVERS\hidbth.sys
19
:52:31.0281 2976    HidBth ok
19
:52:31.0312 2976    HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5eC:\Windows\system32\DRIVERS\hidir.sys
19
:52:31.0374 2976    HidIr ok
19
:52:31.0437 2976    HidUsb          (25072fb35ac90b25f9e4e3bacf774102C:\Windows\system32\DRIVERS\hidusb.sys
19
:52:31.0515 2976    HidUsb ok
19
:52:31.0718 2976    HpqKbFiltr      (1210960ff8928950d2a786895b0c424aC:\Windows\system32\DRIVERS\HpqKbFiltr.sys
19
:52:31.0811 2976    HpqKbFiltr ok
19
:52:31.0889 2976    HpSAMD          (295fdc419039090eb8b49ffdbb374549C:\Windows\system32\DRIVERS\HpSAMD.sys
19
:52:31.0936 2976    HpSAMD ok
19
:52:32.0014 2976    HTTP            (c531c7fd9e8b62021112787c4e2c5a5aC:\Windows\system32\drivers\HTTP.sys
19
:52:32.0076 2976    HTTP ok
19
:52:32.0170 2976    hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42C:\Windows\system32\drivers\hwpolicy.sys
19
:52:32.0217 2976    hwpolicy ok
19
:52:32.0279 2976    i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6C:\Windows\system32\DRIVERS\i8042prt.sys
19
:52:32.0310 2976    i8042prt ok
19
:52:32.0435 2976    iaStor          (d483687eace0c065ee772481a96e05f5C:\Windows\system32\DRIVERS\iaStor.sys
19
:52:32.0451 2976    iaStor ok
19
:52:32.0513 2976    iaStorV         (71f1a494fedf4b33c02c4a6a28d6d9e9C:\Windows\system32\drivers\iaStorV.sys
19
:52:32.0560 2976    iaStorV ok
19
:52:32.0888 2976    igfx            (81f7c715528ab621c6af58869d4b07b9C:\Windows\system32\DRIVERS\igdkmd32.sys
19
:52:57.0894 2976    igfx ok
19
:52:58.0066 2976    iirsp           (4173ff5708f3236cf25195fecd742915C:\Windows\system32\DRIVERS\iirsp.sys
19
:52:58.0113 2976    iirsp ok
19
:52:58.0206 2976    intelide        (a0f12f2c9ba6c72f3987ce780e77c130C:\Windows\system32\DRIVERS\intelide.sys
19
:52:58.0237 2976    intelide ok
19
:52:58.0300 2976    intelppm        (3b514d27bfc4accb4037bc6685f766e0C:\Windows\system32\DRIVERS\intelppm.sys
19
:52:58.0315 2976    intelppm ok
19
:52:58.0393 2976    IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200C:\Windows\system32\DRIVERS\ipfltdrv.sys
19
:52:58.0456 2976    IpFilterDriver ok
19
:52:58.0503 2976    IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7C:\Windows\system32\DRIVERS\IPMIDrv.sys
19
:52:58.0581 2976    IPMIDRV ok
19
:52:58.0659 2976    IPNAT           (a5fa468d67abcdaa36264e463a7bb0cdC:\Windows\system32\drivers\ipnat.sys
19
:52:58.0705 2976    IPNAT ok
19
:52:58.0768 2976    IRENUM          (42996cff20a3084a56017b7902307e9fC:\Windows\system32\drivers\irenum.sys
19
:52:58.0830 2976    IRENUM ok
19
:52:58.0924 2976    isapnp          (1f32bb6b38f62f7df1a7ab7292638a35C:\Windows\system32\DRIVERS\isapnp.sys
19
:52:59.0095 2976    isapnp ok
19
:52:59.0142 2976    iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7C:\Windows\system32\DRIVERS\msiscsi.sys
19
:52:59.0189 2976    iScsiPrt ok
19
:52:59.0267 2976    kbdclass        (adef52ca1aeae82b50df86b56413107eC:\Windows\system32\DRIVERS\kbdclass.sys
19
:52:59.0314 2976    kbdclass ok
19
:52:59.0376 2976    kbdhid          (3d9f0ebf350edcfd6498057301455964C:\Windows\system32\DRIVERS\kbdhid.sys
19
:52:59.0407 2976    kbdhid ok
19
:52:59.0532 2976    KSecDD          (e36a061ec11b373826905b21be10948fC:\Windows\system32\Drivers\ksecdd.sys
19
:52:59.0579 2976    KSecDD ok
19
:52:59.0626 2976    KSecPkg         (365c6154bbbc5377173f1ca7bfb6cc59C:\Windows\system32\Drivers\ksecpkg.sys
19
:52:59.0735 2976    KSecPkg ok
19
:52:59.0829 2976    lltdio          (f7611ec07349979da9b0ae1f18ccc7a6C:\Windows\system32\DRIVERS\lltdio.sys
19
:52:59.0860 2976    lltdio ok
19
:52:59.0922 2976    LSI_FC          (eb119a53ccf2acc000ac71b065b78fefC:\Windows\system32\DRIVERS\lsi_fc.sys
19
:52:59.0953 2976    LSI_FC ok
19
:52:59.0985 2976    LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9cC:\Windows\system32\DRIVERS\lsi_sas.sys
19
:53:00.0016 2976    LSI_SAS ok
19
:53:00.0031 2976    LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9C:\Windows\system32\DRIVERS\lsi_sas2.sys
19
:53:00.0078 2976    LSI_SAS2 ok
19
:53:00.0109 2976    LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524C:\Windows\system32\DRIVERS\lsi_scsi.sys
19
:53:00.0141 2976    LSI_SCSI ok
19
:53:00.0172 2976    luafv           (6703e366cc18d3b6e534f5cf7df39ceeC:\Windows\system32\drivers\luafv.sys
19
:53:00.0203 2976    luafv ok
19
:53:00.0234 2976    megasas         (0fff5b045293002ab38eb1fd1fc2fb74C:\Windows\system32\DRIVERS\megasas.sys
19
:53:00.0250 2976    megasas ok
19
:53:00.0343 2976    MegaSR          (dcbab2920c75f390caf1d29f675d03d6C:\Windows\system32\DRIVERS\MegaSR.sys
19
:53:00.0375 2976    MegaSR ok
19
:53:00.0406 2976    Modem           (f001861e5700ee84e2d4e52c712f4964C:\Windows\system32\drivers\modem.sys
19
:53:00.0421 2976    Modem ok
19
:53:00.0453 2976    monitor         (79d10964de86b292320e9dfe02282a23C:\Windows\system32\DRIVERS\monitor.sys
19
:53:00.0453 2976    monitor ok
19
:53:00.0484 2976    mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609C:\Windows\system32\DRIVERS\mouclass.sys
19
:53:00.0499 2976    mouclass ok
19
:53:00.0546 2976    mouhid          (2c388d2cd01c9042596cf3c8f3c7b24dC:\Windows\system32\DRIVERS\mouhid.sys
19
:53:00.0577 2976    mouhid ok
19
:53:00.0624 2976    mountmgr        (921c18727c5920d6c0300736646931c2C:\Windows\system32\drivers\mountmgr.sys
19
:53:00.0655 2976    mountmgr ok
19
:53:00.0702 2976    mpio            (2af5997438c55fb79d33d015c30e1974C:\Windows\system32\DRIVERS\mpio.sys
19
:53:00.0749 2976    mpio ok
19
:53:00.0827 2976    mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0C:\Windows\system32\drivers\mpsdrv.sys
19
:53:00.0858 2976    mpsdrv ok
19
:53:00.0921 2976    MRxDAV          (b1be47008d20e43da3adc37c24cdb89dC:\Windows\system32\drivers\mrxdav.sys
19
:53:00.0967 2976    MRxDAV ok
19
:53:01.0014 2976    mrxsmb          (ca7570e42522e24324a12161db14ec02C:\Windows\system32\DRIVERS\mrxsmb.sys
19
:53:01.0045 2976    mrxsmb ok
19
:53:01.0108 2976    mrxsmb10        (f965c3ab2b2ae5c378f4562486e35051C:\Windows\system32\DRIVERS\mrxsmb10.sys
19
:53:01.0155 2976    mrxsmb10 ok
19
:53:01.0209 2976    mrxsmb20        (25c38264a3c72594dd21d355d70d7a5dC:\Windows\system32\DRIVERS\mrxsmb20.sys
19
:53:01.0293 2976    mrxsmb20 ok
19
:53:01.0410 2976    msahci          (4326d168944123f38dd3b2d9c37a0b12C:\Windows\system32\DRIVERS\msahci.sys
19
:53:01.0441 2976    msahci ok
19
:53:01.0560 2976    msdsm           (455029c7174a2dbb03dba8a0d8bddd9aC:\Windows\system32\DRIVERS\msdsm.sys
19
:53:01.0578 2976    msdsm ok
19
:53:01.0648 2976    Msfs            (daefb28e3af5a76abcc2c3078c07327fC:\Windows\system32\drivers\Msfs.sys
19
:53:01.0710 2976    Msfs ok
19
:53:01.0743 2976    mshidkmdf       (3e1e5767043c5af9367f0056295e9f84C:\Windows\System32\drivers\mshidkmdf.sys
19
:53:01.0761 2976    mshidkmdf ok
19
:53:01.0799 2976    msisadrv        (0a4e5757ae09fa9622e3158cc1aef114C:\Windows\system32\DRIVERS\msisadrv.sys
19
:53:01.0850 2976    msisadrv ok
19
:53:01.0907 2976    MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631C:\Windows\system32\drivers\MSKSSRV.sys
19
:53:01.0940 2976    MSKSSRV ok
19
:53:01.0960 2976    MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ceC:\Windows\system32\drivers\MSPCLOCK.sys
19
:53:01.0994 2976    MSPCLOCK ok
19
:53:02.0054 2976    MSPQM           (f456e973590d663b1073e9c463b40932C:\Windows\system32\drivers\MSPQM.sys
19
:53:02.0135 2976    MSPQM ok
19
:53:02.0172 2976    MsRPC           (0e008fc4819d238c51d7c93e7b41e560C:\Windows\system32\drivers\MsRPC.sys
19
:53:02.0230 2976    MsRPC ok
19
:53:02.0270 2976    mssmbios        (fc6b9ff600cc585ea38b12589bd4e246C:\Windows\system32\DRIVERS\mssmbios.sys
19
:53:02.0274 2976    mssmbios ok
19
:53:02.0301 2976    MSTEE           (b42c6b921f61a6e55159b8be6cd54a36C:\Windows\system32\drivers\MSTEE.sys
19
:53:02.0314 2976    MSTEE ok
19
:53:02.0332 2976    MTConfig        (33599130f44e1f34631cea241de8ac84C:\Windows\system32\DRIVERS\MTConfig.sys
19
:53:02.0365 2976    MTConfig ok
19
:53:02.0394 2976    Mup             (159fad02f64e6381758c990f753bcc80C:\Windows\system32\Drivers\mup.sys
19
:53:02.0425 2976    Mup ok
19
:53:02.0488 2976    NativeWifiP     (26384429fcd85d83746f63e798ab1480C:\Windows\system32\DRIVERS\nwifi.sys
19
:53:02.0535 2976    NativeWifiP ok
19
:53:02.0581 2976    NDIS            (23759d175a0a9baaf04d05047bc135a8C:\Windows\system32\drivers\ndis.sys
19
:53:02.0597 2976    NDIS ok
19
:53:02.0644 2976    NdisCap         (0e1787aa6c9191d3d319e8bafe86f80cC:\Windows\system32\DRIVERS\ndiscap.sys
19
:53:02.0659 2976    NdisCap ok
19
:53:02.0722 2976    NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888C:\Windows\system32\DRIVERS\ndistapi.sys
19
:53:05.0436 2976    NdisTapi ok
19
:53:27.0270 2976    Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75C:\Windows\system32\DRIVERS\ndisuio.sys
19
:53:27.0301 2976    Ndisuio ok
19
:53:27.0364 2976    NdisWan         (267c415eadcbe53c9ca873dee39cf3a4C:\Windows\system32\DRIVERS\ndiswan.sys
19
:53:27.0379 2976    NdisWan ok
19
:53:27.0426 2976    NDProxy         (af7e7c63dcef3f8772726f86039d6eb4C:\Windows\system32\drivers\NDProxy.sys
19
:53:27.0442 2976    NDProxy ok
19
:53:27.0489 2976    NetBIOS         (80b275b1ce3b0e79909db7b39af74d51C:\Windows\system32\DRIVERS\netbios.sys
19
:53:27.0504 2976    NetBIOS ok
19
:53:27.0535 2976    NetBT           (dd52a733bf4ca5af84562a5e2f963b91C:\Windows\system32\DRIVERS\netbt.sys
19
:53:27.0551 2976    NetBT ok
19
:53:27.0769 2976    netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2C:\Windows\system32\DRIVERS\netw5v32.sys
19
:53:27.0894 2976    netw5v32 ok
19
:53:27.0957 2976    nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097C:\Windows\system32\DRIVERS\nfrd960.sys
19
:53:27.0957 2976    nfrd960 ok
19
:53:28.0003 2976    Npfs            (1db262a9f8c087e8153d89bef3d2235fC:\Windows\system32\drivers\Npfs.sys
19
:53:28.0003 2976    Npfs ok
19
:53:28.0175 2976    nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58C:\Windows\system32\drivers\nsiproxy.sys
19
:53:28.0191 2976    nsiproxy ok
19
:53:28.0362 2976    Ntfs            (187002ce05693c306f43c873f821381fC:\Windows\system32\drivers\Ntfs.sys
19
:53:28.0518 2976    Ntfs ok
19
:53:28.0549 2976    Null            (f9756a98d69098dca8945d62858a812cC:\Windows\system32\drivers\Null.sys
19
:53:28.0549 2976    Null ok
19
:53:28.0596 2976    nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6C:\Windows\system32\drivers\nvraid.sys
19
:53:28.0612 2976    nvraid ok
19
:53:28.0643 2976    nvstor          (4520b63899e867f354ee012d34e11536C:\Windows\system32\drivers\nvstor.sys
19
:53:28.0690 2976    nvstor ok
19
:53:28.0721 2976    nv_agp          (5a0983915f02bae73267cc2a041f717dC:\Windows\system32\DRIVERS\nv_agp.sys
19
:53:28.0768 2976    nv_agp ok
19
:53:28.0799 2976    ohci1394        (08a70a1f2cdde9bb49b885cb817a66ebC:\Windows\system32\DRIVERS\ohci1394.sys
19
:53:28.0815 2976    ohci1394 ok
19
:53:28.0877 2976    Parport         (2ea877ed5dd9713c5ac74e8ea7348d14C:\Windows\system32\DRIVERS\parport.sys
19
:53:28.0893 2976    Parport ok
19
:53:28.0924 2976    partmgr         (ff4218952b51de44fe910953a3e686b9C:\Windows\system32\drivers\partmgr.sys
19
:53:28.0955 2976    partmgr ok
19
:53:28.0971 2976    Parvdm          (eb0a59f29c19b86479d36b35983daadcC:\Windows\system32\DRIVERS\parvdm.sys
19
:53:28.0986 2976    Parvdm ok
19
:53:29.0017 2976    pci             (c858cb77c577780ecc456a892e7e7d0fC:\Windows\system32\DRIVERS\pci.sys
19
:53:29.0064 2976    pci ok
19
:53:29.0111 2976    pciide          (afe86f419014db4e5593f69ffe26ce0aC:\Windows\system32\DRIVERS\pciide.sys
19
:53:29.0142 2976    pciide ok
19
:53:29.0205 2976    pcmcia          (f396431b31693e71e8a80687ef523506C:\Windows\system32\DRIVERS\pcmcia.sys
19
:53:29.0267 2976    pcmcia ok
19
:53:29.0314 2976    pcw             (250f6b43d2b613172035c6747aeeb19fC:\Windows\system32\drivers\pcw.sys
19
:53:29.0361 2976    pcw ok
19
:53:29.0454 2976    PEAUTH          (9e0104ba49f4e6973749a02bf41344edC:\Windows\system32\drivers\peauth.sys
19
:53:29.0673 2976    PEAUTH ok
19
:53:29.0813 2976    PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2dbC:\Windows\system32\DRIVERS\raspptp.sys
19
:53:29.0844 2976    PptpMiniport ok
19
:53:29.0907 2976    Processor       (85b1e3a0c7585bc4aae6899ec6fcf011C:\Windows\system32\DRIVERS\processr.sys
19
:53:29.0953 2976    Processor ok
19
:53:30.0063 2976    Psched          (6270ccae2a86de6d146529fe55b3246aC:\Windows\system32\DRIVERS\pacer.sys
19
:53:30.0078 2976    Psched ok
19
:53:30.0187 2976    ql2300          (ab95ecf1f6659a60ddc166d8315b0751C:\Windows\system32\DRIVERS\ql2300.sys
19
:53:30.0312 2976    ql2300 ok
19
:53:30.0390 2976    ql40xx          (b4dd51dd25182244b86737dc51af2270C:\Windows\system32\DRIVERS\ql40xx.sys
19
:53:30.0421 2976    ql40xx ok
19
:53:30.0468 2976    QWAVEdrv        (584078ca1b95ca72df2a27c336f9719dC:\Windows\system32\drivers\qwavedrv.sys
19
:53:30.0531 2976    QWAVEdrv ok
19
:53:30.0577 2976    RasAcd          (30a81b53c766d0133bb86d234e5556abC:\Windows\system32\DRIVERS\rasacd.sys
19
:53:30.0640 2976    RasAcd ok
19
:53:30.0702 2976    RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fdC:\Windows\system32\DRIVERS\AgileVpn.sys
19
:53:30.0718 2976    RasAgileVpn ok
19
:53:30.0780 2976    Rasl2tp         (d9f91eafec2815365cbe6d167e4e332aC:\Windows\system32\DRIVERS\rasl2tp.sys
19
:53:30.0827 2976    Rasl2tp ok
19
:53:30.0889 2976    RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507C:\Windows\system32\DRIVERS\raspppoe.sys
19
:53:30.0936 2976    RasPppoe ok
19
:53:30.0983 2976    RasSstp         (44101f495a83ea6401d886e7fd70096bC:\Windows\system32\DRIVERS\rassstp.sys
19
:53:31.0014 2976    RasSstp ok
19
:53:31.0061 2976    rdbss           (835d7e81bf517a3b72384bdcc85e1ce6C:\Windows\system32\DRIVERS\rdbss.sys
19
:53:31.0092 2976    rdbss ok
19
:53:31.0139 2976    rdpbus          (0d8f05481cb76e70e1da06ee9f0da9dfC:\Windows\system32\DRIVERS\rdpbus.sys
19
:53:31.0170 2976    rdpbus ok
19
:53:31.0279 2976    RDPCDD          (1e016846895b15a99f9a176a05029075C:\Windows\system32\DRIVERS\RDPCDD.sys
19
:53:31.0311 2976    RDPCDD ok
19
:53:31.0373 2976    RDPENCDD        (5a53ca1598dd4156d44196d200c94b8aC:\Windows\system32\drivers\rdpencdd.sys
19
:53:31.0389 2976    RDPENCDD ok
19
:53:31.0482 2976    RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1fC:\Windows\system32\drivers\rdprefmp.sys
19
:53:31.0513 2976    RDPREFMP ok
19
:53:31.0576 2976    RDPWD           (801371ba9782282892d00aadb08ee367C:\Windows\system32\drivers\RDPWD.sys
19
:53:31.0607 2976    RDPWD ok
19
:53:31.0685 2976    rdyboost        (4ea225bf1cf05e158853f30a99ca29a7C:\Windows\system32\drivers\rdyboost.sys
19
:53:31.0732 2976    rdyboost ok
19
:53:31.0825 2976    rspndr          (032b0d36ad92b582d869879f5af5b928C:\Windows\system32\DRIVERS\rspndr.sys
19
:53:31.0857 2976    rspndr ok
19
:53:31.0935 2976    RSUSBSTOR       (f9541f3b59da30423f2f76ef443c07fcC:\Windows\system32\Drivers\RtsUStor.sys
19
:53:31.0966 2976    RSUSBSTOR ok
19
:53:32.0028 2976    RTL8167         (c5a68c5ec01fd6f03396dd154b48db56C:\Windows\system32\DRIVERS\Rt86win7.sys
19
:53:32.0059 2976    RTL8167 ok
19
:53:32.0122 2976    sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5C:\Windows\system32\DRIVERS\sbp2port.sys
19
:53:32.0153 2976    sbp2port ok
19
:53:32.0200 2976    scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51C:\Windows\system32\DRIVERS\scfilter.sys
19
:53:32.0231 2976    scfilter ok
19
:53:32.0293 2976    sdbus           (7b48cff3a475fe849dea65ec4d35c425C:\Windows\system32\DRIVERS\sdbus.sys
19
:53:32.0309 2976    sdbus ok
19
:53:32.0356 2976    secdrv          (90a3935d05b494a5a39d37e71f09a677C:\Windows\system32\drivers\secdrv.sys
19
:53:32.0371 2976    secdrv ok
19
:53:32.0418 2976    Serenum         (9ad8b8b515e3df6acd4212ef465de2d1C:\Windows\system32\DRIVERS\serenum.sys
19
:53:32.0449 2976    Serenum ok
19
:53:32.0512 2976    Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2C:\Windows\system32\DRIVERS\serial.sys
19
:53:32.0559 2976    Serial ok
19
:53:40.0717 2976    sermouse        (79bffb520327ff916a582dfea17aa813C:\Windows\system32\DRIVERS\sermouse.sys
19
:53:46.0212 2976    sermouse ok
19
:53:57.0100 2976    sffdisk         (9f976e1eb233df46fce808d9dea3eb9cC:\Windows\system32\DRIVERS\sffdisk.sys
19
:53:57.0147 2976    sffdisk ok
19
:53:57.0163 2976    sffp_mmc        (932a68ee27833cfd57c1639d375f2731C:\Windows\system32\DRIVERS\sffp_mmc.sys
19
:53:57.0194 2976    sffp_mmc ok
19
:53:57.0241 2976    sffp_sd         (4f1e5b0fe7c8050668dbfade8999aefbC:\Windows\system32\DRIVERS\sffp_sd.sys
19
:53:57.0256 2976    sffp_sd ok
19
:53:57.0288 2976    sfloppy         (db96666cc8312ebc45032f30b007a547C:\Windows\system32\DRIVERS\sfloppy.sys
19
:53:57.0303 2976    sfloppy ok
19
:53:57.0459 2976    sisagp          (2565cac0dc9fe0371bdce60832582b2eC:\Windows\system32\DRIVERS\sisagp.sys
19
:53:57.0490 2976    sisagp ok
19
:53:57.0522 2976    SiSRaid2        (a9f0486851becb6dda1d89d381e71055C:\Windows\system32\DRIVERS\SiSRaid2.sys
19
:53:57.0568 2976    SiSRaid2 ok
19
:53:57.0600 2976    SiSRaid4        (3727097b55738e2f554972c3be5bc1aaC:\Windows\system32\DRIVERS\sisraid4.sys
19
:53:57.0631 2976    SiSRaid4 ok
19
:53:57.0662 2976    Smb             (3e21c083b8a01cb70ba1f09303010fceC:\Windows\system32\DRIVERS\smb.sys
19
:53:57.0693 2976    Smb ok
19
:53:57.0771 2976    spldr           (95cf1ae7527fb70f7816563cbc09d942C:\Windows\system32\drivers\spldr.sys
19
:53:57.0787 2976    spldr ok
19
:53:57.0865 2976    srv             (c4a027b8c0bd3fc0699f41fa5e9e0c87C:\Windows\system32\DRIVERS\srv.sys
19
:53:57.0958 2976    srv ok
19
:53:57.0990 2976    srv2            (414bb592cad8a79649d01f9d94318fb3C:\Windows\system32\DRIVERS\srv2.sys
19
:53:58.0036 2976    srv2 ok
19
:53:58.0068 2976    SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6dC:\Windows\system32\DRIVERS\VSTAZL3.SYS
19
:53:58.0114 2976    SrvHsfHDA ok
19
:53:58.0161 2976    SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19
:53:58.0224 2976    SrvHsfV92 ok
19
:53:58.0286 2976    SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19
:53:58.0426 2976    SrvHsfWinac ok
19
:53:58.0489 2976    srvnet          (ff207d67700aa18242aaf985d3e7d8f4C:\Windows\system32\DRIVERS\srvnet.sys
19
:53:58.0551 2976    srvnet ok
19
:53:58.0660 2976    ssmdrv          (a36ee93698802cd899f98bfd553d8185C:\Windows\system32\DRIVERS\ssmdrv.sys
19
:53:58.0676 2976    ssmdrv ok
19
:53:58.0738 2976    stexstor        (db32d325c192b801df274bfd12a7e72bC:\Windows\system32\DRIVERS\stexstor.sys
19
:53:58.0770 2976    stexstor ok
19
:53:58.0832 2976    STHDA           (96cb9fd21207af4456d37957441f6001C:\Windows\system32\DRIVERS\stwrt.sys
19
:53:58.0910 2976    STHDA ok
19
:53:58.0957 2976    swenum          (e58c78a848add9610a4db6d214af5224C:\Windows\system32\DRIVERS\swenum.sys
19
:53:58.0988 2976    swenum ok
19
:53:59.0050 2976    SynTP           (c6e720d3f5fb8290d01acfb63e14b606C:\Windows\system32\DRIVERS\SynTP.sys
19
:53:59.0097 2976    SynTP ok
19
:53:59.0253 2976    Tcpip           (56c198ac82efa622dd93e9e43575f79cC:\Windows\system32\drivers\tcpip.sys
19
:53:59.0394 2976    Tcpip ok
19
:53:59.0487 2976    TCPIP6          (56c198ac82efa622dd93e9e43575f79cC:\Windows\system32\DRIVERS\tcpip.sys
19
:53:59.0518 2976    TCPIP6 ok
19
:54:24.0048 2976    tcpipreg        (e64444523add154f86567c469bc0b17fC:\Windows\system32\drivers\tcpipreg.sys
19
:54:24.0235 2976    tcpipreg ok
19
:54:24.0313 2976    TDPIPE          (1875c1490d99e70e449e3afae9fcbadfC:\Windows\system32\drivers\tdpipe.sys
19
:54:24.0329 2976    TDPIPE ok
19
:54:24.0391 2976    TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3C:\Windows\system32\drivers\tdtcp.sys
19
:54:24.0422 2976    TDTCP ok
19
:54:24.0485 2976    tdx             (cb39e896a2a83702d1737bfd402b3542C:\Windows\system32\DRIVERS\tdx.sys
19
:54:24.0516 2976    tdx ok
19
:54:24.0578 2976    TermDD          (c36f41ee20e6999dbf4b0425963268a5C:\Windows\system32\DRIVERS\termdd.sys
19
:54:24.0625 2976    TermDD ok
19
:54:24.0750 2976    tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242C:\Windows\system32\DRIVERS\tssecsrv.sys
19
:54:24.0766 2976    tssecsrv ok
19
:54:24.0812 2976    tunnel          (3e461d890a97f9d4c168f5fda36e1d00C:\Windows\system32\DRIVERS\tunnel.sys
19
:54:24.0812 2976    tunnel ok
19
:54:24.0875 2976    uagp35          (750fbcb269f4d7dd2e420c56b795db6dC:\Windows\system32\DRIVERS\uagp35.sys
19
:54:24.0922 2976    uagp35 ok
19
:54:25.0000 2976    udfs            (eb0a7bd4d471ac3ce55564a4c55b9d8eC:\Windows\system32\DRIVERS\udfs.sys
19
:54:25.0062 2976    udfs ok
19
:54:25.0124 2976    uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880C:\Windows\system32\DRIVERS\uliagpkx.sys
19
:54:25.0140 2976    uliagpkx ok
19
:54:25.0218 2976    umbus           (049b3a50b3d646baeeee9eec9b0668dcC:\Windows\system32\DRIVERS\umbus.sys
19
:54:25.0234 2976    umbus ok
19
:54:25.0280 2976    UmPass          (7550ad0c6998ba1cb4843e920ee0feacC:\Windows\system32\DRIVERS\umpass.sys
19
:54:25.0296 2976    UmPass ok
19
:54:25.0405 2976    usbccgp         (5c233aefb566ee78c1efbc0493fb066aC:\Windows\system32\DRIVERS\usbccgp.sys
19
:54:25.0421 2976    usbccgp ok
19
:54:25.0483 2976    usbcir          (04ec7cec62ec3b6d9354eee93327fc82C:\Windows\system32\DRIVERS\usbcir.sys
19
:54:25.0546 2976    usbcir ok
19
:54:25.0639 2976    usbehci         (5b71019a6aca0116fd21b368f19c0b91C:\Windows\system32\drivers\usbehci.sys
19
:54:25.0670 2976    usbehci ok
19
:54:25.0748 2976    usbhub          (5823d3965c2a4f6f785ed1a3b403f3b8C:\Windows\system32\DRIVERS\usbhub.sys
19
:54:25.0795 2976    usbhub ok
19
:54:25.0904 2976    usbohci         (e753ed6c49da13967ebabf9ea616454aC:\Windows\system32\drivers\usbohci.sys
19
:54:25.0920 2976    usbohci ok
19
:54:25.0982 2976    usbprint        (797d862fe0875e75c7cc4c1ad7b30252C:\Windows\system32\DRIVERS\usbprint.sys
19
:54:26.0138 2976    usbprint ok
19
:54:26.0185 2976    USBSTOR         (1c4287739a93594e57e2a9e6a3ed7353C:\Windows\system32\DRIVERS\USBSTOR.SYS
19
:54:26.0232 2976    USBSTOR ok
19
:54:26.0279 2976    usbuhci         (6a30928a469ce802600e1ea8c0f2f53fC:\Windows\system32\drivers\usbuhci.sys
19
:54:26.0310 2976    usbuhci ok
19
:54:26.0388 2976    usbvideo        (b5f6a992d996282b7fae7048e50af83aC:\Windows\System32\Drivers\usbvideo.sys
19
:54:26.0435 2976    usbvideo ok
19
:54:26.0513 2976    vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cbC:\Windows\system32\DRIVERS\vdrvroot.sys
19
:54:26.0560 2976    vdrvroot ok
19
:54:26.0591 2976    vga             (17c408214ea61696cec9c66e388b14f3C:\Windows\system32\DRIVERS\vgapnp.sys
19
:54:26.0622 2976    vga ok
19
:54:26.0653 2976    VgaSave         (8e38096ad5c8570a6f1570a61e251561C:\Windows\System32\drivers\vga.sys
19
:54:26.0684 2976    VgaSave ok
19
:54:26.0716 2976    vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583C:\Windows\system32\DRIVERS\vhdmp.sys
19
:54:26.0747 2976    vhdmp ok
19
:54:26.0762 2976    viaagp          (c829317a37b4bea8f39735d4b076e923C:\Windows\system32\DRIVERS\viaagp.sys
19
:54:26.0794 2976    viaagp ok
19
:54:26.0809 2976    ViaC7           (e02f079a6aa107f06b16549c6e5c7b74C:\Windows\system32\DRIVERS\viac7.sys
19
:54:26.0825 2976    ViaC7 ok
19
:54:26.0856 2976    viaide          (e43574f6a56a0ee11809b48c09e4fd3cC:\Windows\system32\DRIVERS\viaide.sys
19
:54:26.0887 2976    viaide ok
19
:54:26.0918 2976    volmgr          (384e5a2aa49934295171e499f86ba6f3C:\Windows\system32\DRIVERS\volmgr.sys
19
:54:26.0950 2976    volmgr ok
19
:54:26.0996 2976    volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87C:\Windows\system32\drivers\volmgrx.sys
19
:54:27.0074 2976    volmgrx ok
19
:54:27.0106 2976    volsnap         (58df9d2481a56edde167e51b334d44fdC:\Windows\system32\DRIVERS\volsnap.sys
19
:54:27.0152 2976    volsnap ok
19
:54:27.0184 2976    vsmraid         (9dfa0cc2f8855a04816729651175b631C:\Windows\system32\DRIVERS\vsmraid.sys
19
:54:27.0215 2976    vsmraid ok
19
:54:27.0262 2976    vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6C:\Windows\system32\DRIVERS\vwifibus.sys
19
:54:27.0277 2976    vwifibus ok
19
:54:27.0324 2976    vwififlt        (7090d3436eeb4e7da3373090a23448f7C:\Windows\system32\DRIVERS\vwififlt.sys
19
:54:27.0340 2976    vwififlt ok
19
:54:27.0386 2976    WacomPen        (de3721e89c653aa281428c8a69745d90C:\Windows\system32\DRIVERS\wacompen.sys
19
:54:27.0402 2976    WacomPen ok
19
:54:27.0449 2976    WANARP          (692a712062146e96d28ba0b7d75de31bC:\Windows\system32\DRIVERS\wanarp.sys
19
:54:27.0480 2976    WANARP ok
19
:54:27.0496 2976    Wanarpv6        (692a712062146e96d28ba0b7d75de31bC:\Windows\system32\DRIVERS\wanarp.sys
19
:54:27.0496 2976    Wanarpv6 ok
19
:54:27.0558 2976    Wd              (1112a9badacb47b7c0bb0392e3158dffC:\Windows\system32\DRIVERS\wd.sys
19
:54:27.0589 2976    Wd ok
19
:54:27.0667 2976    Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73C:\Windows\system32\drivers\Wdf01000.sys
19
:54:27.0745 2976    Wdf01000 ok
19
:54:27.0854 2976    WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79C:\Windows\system32\DRIVERS\wfplwf.sys
19
:54:27.0870 2976    WfpLwf ok
19
:54:27.0901 2976    WIMMount        (5cf95b35e59e2a38023836fff31be64cC:\Windows\system32\drivers\wimmount.sys
19
:54:27.0917 2976    WIMMount ok
19
:54:28.0042 2976    WmiAcpi         (0217679b8fca58714c3bf2726d2ca84eC:\Windows\system32\DRIVERS\wmiacpi.sys
19
:54:28.0042 2976    WmiAcpi ok
19
:54:28.0135 2976    ws2ifsl         (6db3276587b853bf886b69528fdb048cC:\Windows\system32\drivers\ws2ifsl.sys
19
:54:28.0166 2976    ws2ifsl ok
19
:54:28.0229 2976    WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21eC:\Windows\system32\drivers\WudfPf.sys
19
:54:28.0260 2976    WudfPf ok
19
:54:28.0322 2976    WUDFRd          (f91ff1e51fca30b3c3981db7d5924252C:\Windows\system32\DRIVERS\WUDFRd.sys
19
:54:28.0354 2976    WUDFRd ok
19
:54:28.0432 2976    yukonw7         (b07c5b7efdf936ff93d4f540938725beC:\Windows\system32\DRIVERS\yk62x86.sys
19
:54:28.0494 2976    yukonw7 ok
19
:54:28.0556 2976    MBR (0x1B8)     (f30e8d0899b102b0f06cff65a6829c31) \Device\Harddisk0\DR0
19
:54:28.0603 2976    \Device\Harddisk0\DR0 ok
19
:54:28.0619 2976    MBR (0x1B8)     (66d0b28c8b44e531d0c19f436252abaa) \Device\Harddisk1\DR1
19
:54:28.0634 2976    \Device\Harddisk1\DR1 ok
19
:54:28.0666 2976    Boot (0x1200)   (fe72c6848d12da35ef8986ad0456aa56) \Device\Harddisk0\DR0\Partition0
19
:54:28.0666 2976    \Device\Harddisk0\DR0\Partition0 ok
19
:54:28.0681 2976    Boot (0x1200)   (b8afc6f557557c1a23ff39a6a27ed448) \Device\Harddisk0\DR0\Partition1
19
:54:28.0681 2976    \Device\Harddisk0\DR0\Partition1 ok
19
:54:28.0712 2976    Boot (0x1200)   (44177d8621141e653d70c109427a10d8) \Device\Harddisk0\DR0\Partition2
19
:54:28.0728 2976    \Device\Harddisk0\DR0\Partition2 ok
19
:54:28.0744 2976    Boot (0x1200)   (d7bbbfd2c83cdb6b640ac40c5c6fcb0c) \Device\Harddisk0\DR0\Partition3
19
:54:28.0744 2976    \Device\Harddisk0\DR0\Partition3 ok
19
:54:28.0759 2976    Boot (0x1200)   (0386d5e53374f92f7b188cfbf6e5b036) \Device\Harddisk1\DR1\Partition0
19
:54:28.0759 2976    \Device\Harddisk1\DR1\Partition0 ok
19
:54:28.0759 2976    ============================================================
19:54:28.0759 2976    Scan finished
19
:54:28.0759 2976    ============================================================
19:54:28.0915 2296    Detected object count0
19
:54:28.0931 2296    Actual detected object count
OSAM:
OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:13:25 on 24.01.2012

OS: Windows 7 Starter Edition (Build 7600), 32-bit
Default Browser: Mozilla Corporation Firefox 6.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"QuickWebConfTool.cpl" - "DeviceVM, Inc." - C:\Windows\system32\QuickWebConfTool.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"DVMIO" (DVMIO) - "DeviceVM, Inc." - C:\SPLASH.SYS\config\dvmio.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5FCD4425-CA3A-48F4-A57C-B8A75C32ACB1} "NSE_WithSubFld" - ? - C:\Program Files\Hewlett-Packard\Recovery\Protect.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{622AFE52-33F6-4D9F-9966-E0BC52D7D69D} "Zecter" - "Versionate Inc." - C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
{855156F0-2A0F-11DE-8C30-0800200C9A66} "Zecter" - "Versionate Inc." - C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
{B3C78E40-6B64-47C3-AE34-60B770881EB8} "Zecter" - "Versionate Inc." - C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
{D25B32FE-CB96-491A-98FF-AD59DA382D69} "Zecter" - "Versionate Inc." - C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
{E032716F-2E0A-4CCB-9FEB-BF2090B035DF} "Zecter" - "Versionate Inc." - C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5} "Zecter" - "Versionate Inc." - C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Auslogics Toolbar" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{00000000-6E41-4FD3-8538-502F5495E5FC} "UrlSearchHook Class" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{C345E174-3E87-4F41-A01C-B066A90A49B4} "WRC Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\wrc32.ocx / hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Auslogics Toolbar" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{D4027C7F-154A-4066-A1AD-4243D8127440} "Auslogics Toolbar" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{D381FF29-7CFB-4D4E-B92A-C4EDDC696614} "Windows 7 Starter Helper" - "Oceanis" - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"Shell" - ? - C:\Program  (File not found)
"Shell" - ? - Files\Oceanis\SystemSetting\WallPaperAgent.exe  (File not found)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"HP" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
"HP Software Update" - "Hewlett-Packard" - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"QlbCtrl.exe" - " Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"WirelessAssistant" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files\Microsoft\BingBar\SeaPort.EXE
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BBSvc.EXE
"Com4QLBEx" (Com4QLBEx) - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
"DeviceVM Meta Data Export Service" (DvmMDES) - "DeviceVM, Inc." - C:\SPLASH.SYS\config\DVMExportService.exe
"GameConsoleService" (GameConsoleService) - "WildTangent, Inc." - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP Health Check Service" (HP Health Check Service) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
"HP Quick Synchronization Service" (HPDrvMntSvc.exe) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
"HP Software Framework Service" (hpqwmiex) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/PHP]

Malwarebytes 1:
PHP-Code:
Malwarebytes Anti-Malware (Test1.60.0.1800
www
.malwarebytes.org

Datenbank Version
v2012.01.25.06

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Mareike 
:: MAREIKES [Administrator]

SchutzAktiviert

25.01.2012 23
:16:10
mbam
-log-2012-01-25 (23-16-10).txt

Art des Suchlaufs
Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen
Speicher Autostart Registrierung Dateisystem Heuristiks/Extra HeuristiKs/Shuriken PUP PUM
Deaktivierte Suchlaufeinstellungen
P2P
Durchsuchte Objekte
331724
Laufzeit
10 Stunde(n), 16 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien0
(Keine bösartigen Objekte gefunden)

(
Ende

Alt 06.02.2012, 11:40   #7
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



....Teil 2:


Malwarebytes 2:
PHP-Code:
Malwarebytes Anti-Malware (Test1.60.1.1000
www
.malwarebytes.org

Datenbank Version
v2012.01.31.08

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Mareike 
:: MAREIKES [Administrator]

SchutzDeaktiviert

31.01.2012 19
:57:10
mbam
-log-2012-01-31 (19-57-10).txt

Art des Suchlaufs
Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen
Speicher Autostart Registrierung Dateisystem Heuristiks/Extra HeuristiKs/Shuriken PUP PUM
Deaktivierte Suchlaufeinstellungen
P2P
Durchsuchte Objekte
333145
Laufzeit
19 Stunde(n), 15 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien0
(Keine bösartigen Objekte gefunden)

(
Ende
SUPERAntiSpyware 1:
PHP-Code:
SUPERAntiSpyware Scan Log
hxxp
://www.superantispyware.com

Generated 01/25/2012 at 05:33 AM

Application Version 
5.0.1142

Core Rules Database Version 
8162
Trace Rules Database Version
5974

Scan type       
Complete Scan
Total Scan Time 
07:30:15

Operating System Information
Windows 7 Starter 32
-bit (Build 6.01.7600)
UAC On Administrator

Memory items scanned      
656
Memory threats detected   
0
Registry items scanned    
23089
Registry threats detected 
1
File items scanned        
67799
File threats detected     
378

Malware
.Trace
    HKU
\S-1-5-21-2905822381-1113161902-4094295846-1000\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

Adware.Tracking Cookie
    C
:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\mareike@adx.chip[1].txt [ /adx.chip ]
    
C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\mareike@doubleclick[2].txt [ /doubleclick ]
    
C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\PJ157R5Q.txt [ /c.atdmt.com ]
    
C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\TL1TJZFR.txt [ /smartadserver.com ]
    
C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\EPDBAC3W.txt [ /atdmt.com ]
    
C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\AR6O47G3.txt [ /mediaplex.com ]
    
C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Cookies\454ALUZU.txt [ /apmebf.com ]
    
C:\USERS\MAREIKE\AppData\Roaming\Microsoft\Windows\Cookies\Low\mareike@doubleclick[2].txt Cookie:mareike@doubleclick.net/ ]
    
C:\USERS\MAREIKE\AppData\Roaming\Microsoft\Windows\Cookies\Low\mareike@studivz.adfarm1.adition[2].txt Cookie:mareike@studivz.adfarm1.adition.com/ ]
    
C:\USERS\MAREIKE\Cookies\mareike@doubleclick[2].txt Cookie:mareike@doubleclick.net/ ]
    
C:\USERS\MAREIKE\Cookies\TL1TJZFR.txt Cookie:mareike@smartadserver.com/ ]
    
C:\USERS\MAREIKE\Cookies\mareike@adx.chip[1].txt Cookie:mareike@adx.chip.de/ ]
    
C:\USERS\MAREIKE\Cookies\454ALUZU.txt Cookie:mareike@apmebf.com/ ]
    .
doubleclick.net C:\PROGRAMDATA\MOZILLA\FIREFOX\PROFILES\OB752NPI.DEFAULT\COOKIES.SQLITE ]
    .
countomat.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver2.clipkit.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
overture.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adsrv1.admediate.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
stats.o2more.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adviva.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
im.banner.t-online.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
sexvideoshub.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
eas.apm.emediate.eu C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
eas.apm.emediate.eu C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
eas4.emediate.eu C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
eas.apm.emediate.eu C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
indoormedia.co.uk C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
sexgeschichten.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.etracker.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
kontera.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
traffictrack.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
apmebf.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
apmebf.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
zbox.zanox.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserv-new.20six.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornhub.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornhub.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
statcounter.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
statcounter.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
gotacha.rotator.hadj7.adjuggler.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
gotacha.rotator.hadj7.adjuggler.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
porntubemate.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver.ep-solutions.org C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
questionmarket.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
questionmarket.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediaplex.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediaplex.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.gameforge.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.gameforge.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
porndad.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
clicks.maximumspeedfind.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adinterax.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adserver.gs C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zedo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
de.sitestat.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
de.sitestat.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver.mitfahrzentrale.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ad-emea.doubleclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ad.adnet.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
beacons.hottraffic.nl C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
traffichaus.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ads.mikinimedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ads.247activemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mm.chitika.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
imrworldwide.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
imrworldwide.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
xiti.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
atdmt.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adcentriconline.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.zanox-affiliate.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adbrite.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adbrite.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adbrite.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
advertising.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
femalefirst.co.uk C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
advertising.superweb.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
alphaporno.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adtech.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
yieldmanager.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracker.roitesting.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
erotikcounter.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.pornologo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
collective-media.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
hardsextube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
virginmedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
media.photobucket.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adxpose.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
fl01.ct2.comclick.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver.fachschriften.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
porntube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
clicksor.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
clicksor.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
clicksor.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
clicksor.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
eyewonder.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mofosex.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adultadworld.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adultadworld.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
komtrack.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
komtrack.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
komtrack.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
specificclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
specificclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
specificclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
specificclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
specificclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
specificclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tracking.quisma.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.quisma.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.quisma.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
server.cpmstar.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.quartermedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
hornyandhappy.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.bannerreport.org C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornymph.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
a.revenuemax.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revenuemax.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
interclick.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
interclick.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ru4.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ru4.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ru4.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ru4.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ru4.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adserver.adtechus.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
de.partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
guj.122.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
msnportal.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
sevenoneintermedia.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
vodafonegroup.122.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
audiag.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ice.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
giftscom.122.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.bmbfcluster.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediabiz.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediabiz.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornjunkies.nl C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adinterax.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
in.getclicky.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
fl01.ct2.comclick.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
fl01.ct2.comclick.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
at.atwola.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tacoda.at.atwola.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tacoda.at.atwola.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
at.atwola.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tns-counter.ru C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
yadro.ru C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
rainbowmedia.122.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.pointroll.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
fr.sitestat.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
fr.sitestat.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
libri.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zieltrack.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
stepstone.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ads1.moonchildmedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
e2.emediate.se C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
doubleclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
getclicky.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .static.
getclicky.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
nextag.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
nextag.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
atdmt.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
atdmt.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ads.crakmedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
secmedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
casalemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
casalemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
.3pagen.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.quisma.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.adition.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.adition.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ad.adnet.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
freeporn.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
freeporn.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
track.gridlockparadise.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
track.gridlockparadise.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.dirtyxxxtube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
dirtyxxxtube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
dirtyxxxtube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
homemadesextube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
homemadesextube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
overture.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
eyewonder.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
fastclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
hansenet.122.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
advertising.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
de.at.atwola.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
advertising.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
advertising.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
fastclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.klicktel.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.klicktel.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
eas.apm.emediate.eu C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
hardsextube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
hardsextube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver.hardsextube.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
s08.flagcounter.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediabrandsww.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ads1.jurawelt.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adultfriendfinder.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adultfriendfinder.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornbanana.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
pornbanana.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adxpansion.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
trafficmp.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
estat.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
de.partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
de.partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
de.partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
paypal.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.track306.info C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adx.chip.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.mediamarkt.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediamarkt.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
bs.serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
trafficmp.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
trafficmp.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
auslieferung.commindo-media-ressourcen.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.quartermedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.quartermedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.quartermedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.quartermedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.adserver01.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ads.quartermedia.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.zanox.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
revsci.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
apmebf.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tradedoubler.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver.mvg-werbung.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
statse.webtrendslive.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
webmasterplan.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adserver1.mokono.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
insightexpressai.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ad.adnet.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ad.adnet.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
partypoker.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
azjmp.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediaplex.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
fastclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tradedoubler.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
statcounter.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adviva.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad1.adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
microsoftsto.112.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
bs.serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
dc.tremormedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
amazon-adsystem.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
amazon-adsystem.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
track.effiliation.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
track.effiliation.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tracking.quisma.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
atdmt.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
media6degrees.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
media6degrees.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
media6degrees.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
media6degrees.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
webmasterplan.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
lucidmedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tradedoubler.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tradedoubler.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
invitemedia.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad4.adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
webmasterplan.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
track.adform.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adbrite.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zedo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zedo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zedo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zedo.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zanox-affiliate.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
tracking.mlsat02.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
ru4.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
www.googleadservices.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
mediaplex.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.zanox.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
zanox.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
studivz.adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
studivz.adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
serving-sys.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
webmasterplan.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
webmasterplan.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tradedoubler.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
tradedoubler.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
traffictrack.de C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad.yieldmanager.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad3.adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
track.adform.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adform.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ad2.adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
adfarm1.adition.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    
ww251.smartadserver.com C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
eset.122.2o7.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE ]
    .
doubleclick.net C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\COOKIES.SQLITE 
SUPERAntiSpyware 2:
PHP-Code:
SUPERAntiSpyware Scann-Protokoll
hxxp
://www.superantispyware.com

Generiert 01/27/2012 bei 00:09 AM

Version der Applikation 
5.0.1142

Version der Kern
-Datenbank 8169
Version der Spur
-Datenbank 5981

Scan Art       
kompletter Scann
Totale Scann
-Zeit 05:04:36

Operating System Information
Windows 7 Starter 32
-bit (Build 6.01.7600)
UAC On Limited User

Gescannte Speicherelemente  
598
Erfasste Speicher
-Bedrohungen  0
Gescannte Register
-Elemente  23024
Erfasste Register
-Bedrohungen  0
Gescannte Datei
-Elemente     66952
Erfasste Datei
-Elemente   

2.
Hab die Programme deinstalliert. Außer "Auslogics Toolbar Updater Ask.com 23.01.2012 1.2.0.20007". Da fehlten immer die Admin-Rechte, obwohl ich als Admin angemeldet bin.


3.
Hier der neue Scan mit OTL:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 05.02.2012 23:10:57 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mareike\Downloads
 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
987,48 Mb Total Physical Memory | 182,91 Mb Available Physical Memory | 18,52% Memory free
1,96 Gb Paging File | 0,95 Gb Available in Paging File | 48,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,97 Gb Total Space | 193,49 Gb Free Space | 87,57% Space Free | Partition Type: NTFS
Drive D: | 11,62 Gb Total Space | 1,94 Gb Free Space | 16,68% Space Free | Partition Type: NTFS
Drive E: | 99,18 Mb Total Space | 95,09 Mb Free Space | 95,88% Space Free | Partition Type: FAT32
 
Computer Name: MAREIKES | User Name: Mareike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{1061DF04-CF33-40B0-8360-D07C9BBEB122}" = HP Wireless Assistant
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21FFAF37-E51A-41AB-8749-ACD1F9CF8E37}" = HP QuickWeb
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java(TM) 7 Update 2
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{34985F59-8F6F-46F4-9AD5-53E2714294D2}" = ArcSoft WebCam Companion 3
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4414C431-245A-4AF7-8FE0-3ED2333FD8D2}" = HP MediaStream
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B7057D5-6D5D-4088-8217-48EA20C44373}" = HP User Guides 0169
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EEA95E6C-6847-49BE-83C9-ED92D8E18983}" = HP QuickSync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Diablo II" = Diablo II
"ESET Online Scanner" = ESET Online Scanner v3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"Oceanis Change Background Windows 7_is1" = Oceanis Change Background Windows 7
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZumoDrive" = HP CloudDrive
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Auslogics Toolbar Updater
"Diablo II" = Diablo II
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.01.2012 11:03:24 | Computer Name = Mareikes | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.01.2012 01:54:24 | Computer Name = Mareikes | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 24.01.2012 14:48:11 | Computer Name = Mareikes | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: tdsskiller.exe, Version: 2.7.6.0,
 Zeitstempel: 0x4f17ddc0  Name des fehlerhaften Moduls: tdsskiller.exe, Version: 2.7.6.0,
 Zeitstempel: 0x4f17ddc0  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033d28  ID des fehlerhaften
 Prozesses: 0x17c  Startzeit der fehlerhaften Anwendung: 0x01ccdac8779417cc  Pfad der
 fehlerhaften Anwendung: G:\Trojaner-Behebung\tdsskiller.exe  Pfad des fehlerhaften
 Moduls: G:\Trojaner-Behebung\tdsskiller.exe  Berichtskennung: f677c5ac-46bb-11e1-a06e-e620906ea152
 
Error - 25.01.2012 16:45:07 | Computer Name = Mareikes | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 25.01.2012 16:45:27 | Computer Name = Mareikes | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 25.01.2012 17:00:49 | Computer Name = Mareikes | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 25.01.2012 17:11:14 | Computer Name = Mareikes | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16912,
 Zeitstempel: 0x4eb4a5ea  Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7600.16912,
 Zeitstempel: 0x4eb4bb58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001bb05f  ID des fehlerhaften
 Prozesses: 0xbac  Startzeit der fehlerhaften Anwendung: 0x01ccdba345f66718  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\System32\mshtml.dll  Berichtskennung: 1cdaa147-4799-11e1-a001-ef2e918d304e
 
Error - 31.01.2012 08:48:05 | Computer Name = Mareikes | Source = System Restore | ID = 8193
Description = 
 
Error - 31.01.2012 12:23:43 | Computer Name = Mareikes | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OneClick.exe, Version: 12.0.2160.11,
 Zeitstempel: 0x4ee886e5  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7ab44  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00051f88  ID des fehlerhaften
 Prozesses: 0xfb8  Startzeit der fehlerhaften Anwendung: 0x01ccdf9a57c9d5e1  Pfad der
 fehlerhaften Anwendung: C:\Program Files\TuneUp Utilities 2012\OneClick.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: f0f8947e-4c27-11e1-a65e-aa5ff17cfd66
 
Error - 31.01.2012 12:56:16 | Computer Name = Mareikes | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 6.0.0.4240 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b3c    Startzeit: 
01ccdf6f8bfa4376    Endzeit: 1875    Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
 fc7d41d4-4c2b-11e1-a65e-aa5ff17cfd66  
 
[ Hewlett-Packard Events ]
Error - 11.02.2011 05:02:02 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml"
 konnte nicht gefunden werden. mscorlib    bei System.IO.__Error.WinIOError(Int32 
errorCode, String maybeFullPath)     bei System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     bei System.IO.FileStream..ctor(String path, FileMode mode,
 FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     bei
 System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     bei System.IO.StreamReader..ctor(String path, Encoding encoding)

   bei System.IO.File.ReadAllText(String path, Encoding encoding)     bei n.a(Object
 A_0, EventArgs A_1) 
 
Error - 11.02.2011 05:22:11 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml"
 konnte nicht gefunden werden. mscorlib    bei System.IO.__Error.WinIOError(Int32 
errorCode, String maybeFullPath)     bei System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     bei System.IO.FileStream..ctor(String path, FileMode mode,
 FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     bei
 System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     bei System.IO.StreamReader..ctor(String path, Encoding encoding)

   bei System.IO.File.ReadAllText(String path, Encoding encoding)     bei n.a(Object
 A_0, EventArgs A_1) 
 
Error - 11.02.2011 05:22:11 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files\Hewlett-Packard\HP Support Framework\Logs\SystemInfoAA.xml"
 konnte nicht gefunden werden. mscorlib    bei System.IO.__Error.WinIOError(Int32 
errorCode, String maybeFullPath)     bei System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, 
Boolean bFromProxy)     bei System.IO.FileStream..ctor(String path, FileMode mode,
 FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)     bei
 System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     bei System.IO.StreamReader..ctor(String path, Encoding encoding)

   bei System.IO.File.ReadAllText(String path, Encoding encoding)     bei n.a(Object
 A_0, EventArgs A_1) 
 
Error - 02.04.2011 06:55:13 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041102125508.xml
 File not created by asset agent
 
Error - 13.04.2011 14:05:38 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041113080534.xml
 File not created by asset agent
 
Error - 13.04.2011 14:05:42 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041113080539.xml
 File not created by asset agent
 
Error - 20.04.2011 03:40:00 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\041120093936.xml
 File not created by asset agent
 
Error - 04.05.2011 04:31:20 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051104103115.xml
 File not created by asset agent
 
Error - 18.05.2011 05:15:48 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051118111545.xml
 File not created by asset agent
 
Error - 01.06.2011 04:46:11 | Computer Name = Mareikes | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061101104605.xml
 File not created by asset agent
 
[ System Events ]
Error - 03.02.2012 01:51:12 | Computer Name = Mareikes | Source = DCOM | ID = 10010
Description = 
 
Error - 03.02.2012 02:16:27 | Computer Name = Mareikes | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 03.02.2012 02:19:06 | Computer Name = Mareikes | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%193
 
Error - 03.02.2012 02:19:06 | Computer Name = Mareikes | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig, 
der aufgrund folgenden Fehlers nicht gestartet wurde:   %%193
 
Error - 03.02.2012 02:20:16 | Computer Name = Mareikes | Source = volsnap | ID = 393230
Description = Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers
 auf Volume "C:" abgebrochen.
 
Error - 03.02.2012 02:23:17 | Computer Name = Mareikes | Source = DCOM | ID = 10010
Description = 
 
Error - 03.02.2012 11:16:50 | Computer Name = Mareikes | Source = DCOM | ID = 10010
Description = 
 
Error - 05.02.2012 17:49:41 | Computer Name = Mareikes | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 05.02.2012 17:52:01 | Computer Name = Mareikes | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%193
 
Error - 05.02.2012 17:52:01 | Computer Name = Mareikes | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig, 
der aufgrund folgenden Fehlers nicht gestartet wurde:   %%193
 
 
< End of report >
         
--- --- ---


Gruß,
Carsten

Alt 06.02.2012, 16:49   #8
kira
/// Helfer-Team
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Zitat:
Zitat von carsten87 Beitrag anzeigen
2.
Hab die Programme deinstalliert. Außer "Auslogics Toolbar Updater Ask.com 23.01.2012 1.2.0.20007". Da fehlten immer die Admin-Rechte, obwohl ich als Admin angemeldet bin.
versuche entweder im abgesicherten Modus:

1.
Gehe in den abgesicherten Modus:
Drücke beim Hochfahren des rechners [F8] solange, bis du eine auswahlmöglichkeit hast:

- Abgesicherter Modus

oder:

2.
Software mit Revo Uninstaller deinstallieren

Downloade von Revo Group die Freeware-Version des Revo Uninstallers
  • Doppelklick auf die revosetup.exe.
  • Installiere das Tool in den vorgegebenen Pfad.
  • Doppelklick auf das Icon Revo Uninstaller.
  • Doppelklicke nacheinander folgende Software aus der Code-Box:
    Code:
    ATTFilter
             
  • Bestätige die Deinstallation mit Ja.
  • Belasse die Einstellung der Deinstallationsroutine auf Moderat und klicke auf weiter.
  • Das Tool wird nun nach übrig gebliebenen Registry-Einträgen auf dem Rechner suchen. Klicke auf weiter.
  • Klicke auf den Button Markiere alle, klicke auf löschen und weiter und bestätige mit Ja.
  • Zum Schluss sucht das Tool evtl. noch nach übrig geblieben Dateien und Ordnern.
  • Prüfe die Ordner und Dateien und klicke ggfs. auf den Button Markiere alle, klicke auf weiter und bestätige mit Ja.

Starte den Rechner neu.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 07.02.2012, 17:46   #9
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Hallo,

die Deinstallation mit dem Revo Uninstaller hat geklappt.

Was soll ich als nächstes tun?


Gruß

Alt 07.02.2012, 18:07   #10
kira
/// Helfer-Team
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



kein PHP-Code bitte, sondern nur "normaltext" mit einem BB-Code Tag eingefügt!

erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 08.02.2012, 18:25   #11
carsten87
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



Die OTL-Datei habe ich gefunden. Die Extras-Datei nicht.

Hier der Code:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 07.02.2012 19:49:45 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mareike\Downloads
 Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
987,48 Mb Total Physical Memory | 286,70 Mb Available Physical Memory | 29,03% Memory free
1,96 Gb Paging File | 1,10 Gb Available in Paging File | 56,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,97 Gb Total Space | 193,12 Gb Free Space | 87,40% Space Free | Partition Type: NTFS
Drive D: | 11,62 Gb Total Space | 1,94 Gb Free Space | 16,68% Space Free | Partition Type: NTFS
Drive E: | 99,18 Mb Total Space | 95,09 Mb Free Space | 95,88% Space Free | Partition Type: FAT32
 
Computer Name: MAREIKES | User Name: Mareike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.05 23:09:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mareike\Downloads\24960-OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.25 09:26:13 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.06.17 11:35:37 | 000,581,288 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\update.exe
PRC - [2011.04.21 06:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 06:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.25 16:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.01.25 16:38:44 | 000,311,352 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.10.12 07:51:52 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2009.10.12 07:51:52 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\stacsv.exe
PRC - [2009.07.14 03:54:00 | 000,589,104 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP QuickSync\QuickSync.exe
PRC - [2009.07.14 03:54:00 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
PRC - [2009.07.08 19:55:26 | 000,323,584 | -H-- | M] (DeviceVM, Inc.) -- C:\SPLASH.SYS\config\DVMExportService.exe
PRC - [2009.06.04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.03.02 06:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\AEstSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.06 03:29:56 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll
MOD - [2012.02.06 03:22:16 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2012.02.06 03:21:54 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2012.02.06 03:20:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2012.02.06 03:20:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2012.02.06 03:20:36 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2012.02.06 03:20:11 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010.11.13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.07.25 09:26:13 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.25 16:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2009.10.12 07:51:52 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\stacsv.exe -- (STacSV)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.08 19:55:26 | 000,323,584 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SPLASH.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.06.06 01:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.03.02 06:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\AEstSrv.exe -- (AESTFilters)
SRV - [2009.02.06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,000,000 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.25 09:26:16 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.25 09:26:16 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009.10.12 07:51:52 | 000,420,864 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.29 18:25:26 | 000,017,624 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\SPLASH.SYS\config\dvmio.sys -- (DVMIO)
DRV - [2009.09.02 02:59:42 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.04.29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6483
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ALSV5&o=1665&locale=de_DE&apn_uid=D0A8B27F-A462-47D7-A71F-8766C13F1844&apn_ptnrs=AU&apn_sauid=44F7C7E8-FAB7-4C3F-BF95-3FBF64138B09&apn_dtid=YYYYYYYYDE&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.02 20:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.03 06:46:26 | 000,000,000 | ---D | M]
 
[2010.09.30 12:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mareike\AppData\Roaming\mozilla\Extensions
[2012.02.02 21:11:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mareike\AppData\Roaming\mozilla\Firefox\Profiles\bqgdgght.default\extensions
[2012.01.26 18:59:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Mareike\AppData\Roaming\mozilla\Firefox\Profiles\bqgdgght.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.02.06 06:30:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\MAREIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BQGDGGHT.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.02.02 20:42:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.02 17:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.06.09 21:15:35 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.02 17:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.02 17:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.02 17:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.02 17:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.02 17:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.01.24 19:16:55 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Programme\Oceanis\SystemSetting\StarterHelper.dll (Oceanis)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP] C:\Programme\Hewlett-Packard\HP QuickSync\QuickSync.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F11C8BB-71C2-44B7-BC6F-D474F27A1500}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (EXPLORER.EXE) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{51ef28be-61bd-11e0-bd0f-8b77559d3e1f}\Shell - "" = AutoRun
O33 - MountPoints2\{51ef28be-61bd-11e0-bd0f-8b77559d3e1f}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.06 18:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.02.06 18:19:09 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.02.06 06:29:21 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.06 06:29:20 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.06 06:29:20 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.06 06:29:20 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.06 06:29:20 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.06 06:29:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.06 06:29:20 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.06 06:29:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.06 06:29:20 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.06 06:29:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.06 06:29:20 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.06 06:29:20 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.06 06:29:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.06 06:29:20 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.06 06:29:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.06 06:29:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.06 06:29:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.06 06:29:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.06 06:29:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.06 06:29:20 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.06 06:29:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.06 06:29:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.06 06:29:19 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.06 06:29:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.06 06:29:19 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.06 06:29:19 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.06 06:29:19 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.06 06:29:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.06 06:29:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.06 06:29:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.06 06:29:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.06 06:29:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.06 06:29:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.06 06:29:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.06 06:29:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.06 06:29:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.06 06:29:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.05 22:58:51 | 000,000,000 | ---D | C] -- C:\Users\Mareike\Desktop\Trojaner-Bekämpfung
[2012.02.03 06:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.03 06:46:26 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2012.02.03 06:46:26 | 000,223,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.02.03 06:46:26 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.02.03 06:46:25 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.02.03 06:19:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.02.03 06:17:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.02.03 04:13:43 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012.02.03 04:13:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012.02.03 04:13:36 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.02.03 04:13:35 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012.02.03 04:13:35 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012.02.03 04:13:31 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012.02.03 04:13:28 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012.02.03 04:13:27 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012.02.03 04:13:26 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012.02.03 04:13:23 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012.02.03 04:13:21 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.02.03 04:13:19 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012.02.03 04:13:19 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012.02.03 04:13:16 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012.02.03 04:13:16 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012.02.03 04:13:13 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012.02.03 04:13:11 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2012.02.03 04:13:07 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.02.03 04:13:02 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012.02.03 04:13:00 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012.02.03 04:12:58 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012.02.03 04:12:58 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012.02.03 04:12:57 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012.02.03 04:12:55 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2012.02.03 04:12:54 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012.02.03 04:12:53 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012.02.03 04:12:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2012.02.03 04:12:52 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2012.02.03 04:12:52 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2012.02.03 04:12:49 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012.02.03 04:12:48 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012.02.03 04:12:46 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012.02.03 04:12:44 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2012.02.03 04:12:43 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012.02.03 04:12:43 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012.02.03 04:12:42 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012.02.03 04:12:42 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012.02.03 04:12:41 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012.02.03 04:12:41 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2012.02.03 04:12:40 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012.02.03 04:12:40 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2012.02.03 04:12:38 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012.02.03 04:12:38 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012.02.03 04:12:37 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012.02.03 04:12:36 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2012.02.03 04:12:35 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2012.02.03 04:12:33 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2012.02.03 04:12:32 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2012.02.03 04:12:31 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012.02.03 04:12:30 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.02.03 04:12:30 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012.02.03 04:12:30 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012.02.03 04:12:30 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012.02.03 04:12:29 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2012.02.03 04:12:26 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012.02.03 04:12:26 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012.02.03 04:12:26 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012.02.03 04:12:26 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012.02.03 04:12:25 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012.02.03 04:12:25 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012.02.03 04:12:24 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2012.02.03 04:12:24 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2012.02.03 04:12:23 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012.02.03 04:12:22 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012.02.03 04:12:22 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2012.02.03 04:12:21 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2012.02.03 04:12:21 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2012.02.03 04:12:19 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2012.02.03 04:12:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2012.02.03 04:12:16 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2012.02.03 04:12:16 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012.02.03 04:12:16 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2012.02.03 04:12:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012.02.03 04:12:15 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012.02.03 04:12:15 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2012.02.03 04:12:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2012.02.03 04:12:13 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012.02.03 04:12:12 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012.02.03 04:12:12 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012.02.03 04:12:12 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012.02.03 04:12:12 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012.02.03 04:12:11 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2012.02.03 04:12:11 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012.02.03 04:12:10 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012.02.03 04:12:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012.02.03 04:12:09 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2012.02.03 04:12:09 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2012.02.03 04:12:08 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012.02.03 04:12:08 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2012.02.03 04:12:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012.02.03 04:12:07 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2012.02.03 04:12:07 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.02.03 04:12:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012.02.03 04:12:04 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2012.02.03 04:12:04 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.02.03 04:12:03 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012.02.03 04:12:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2012.02.03 04:12:02 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2012.02.03 04:12:02 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2012.02.03 04:12:01 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012.02.03 04:12:00 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2012.02.03 04:12:00 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2012.02.03 04:11:58 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012.02.03 04:11:58 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2012.02.03 04:11:58 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012.02.03 04:11:57 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2012.02.03 04:11:57 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2012.02.03 04:11:57 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012.02.03 04:11:57 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012.02.03 04:11:56 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012.02.03 04:11:56 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012.02.03 04:11:56 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2012.02.03 04:11:56 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2012.02.03 04:11:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2012.02.03 04:11:55 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012.02.03 04:11:55 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012.02.03 04:11:55 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012.02.03 04:11:54 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012.02.03 04:11:54 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012.02.03 04:11:54 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012.02.03 04:11:54 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2012.02.03 04:11:54 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012.02.03 04:11:54 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012.02.03 04:11:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012.02.03 04:11:52 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012.02.03 04:11:51 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.02.03 04:11:51 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2012.02.03 04:11:51 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2012.02.03 04:11:51 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2012.02.03 04:11:49 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012.02.03 04:11:48 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012.02.03 04:11:47 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012.02.03 04:11:47 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2012.02.03 04:11:47 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012.02.03 04:11:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2012.02.03 04:11:46 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012.02.03 04:11:46 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012.02.03 04:11:45 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2012.02.03 04:11:44 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2012.02.03 04:11:43 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2012.02.03 04:11:42 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2012.02.03 04:11:42 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.02.03 04:11:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2012.02.03 04:11:41 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2012.02.03 04:11:41 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2012.02.03 04:11:40 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2012.02.03 04:11:40 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012.02.03 04:11:40 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2012.02.03 04:11:39 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012.02.03 04:11:39 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2012.02.03 04:11:38 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2012.02.03 04:11:38 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2012.02.03 04:11:38 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2012.02.03 04:11:38 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2012.02.03 04:11:38 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2012.02.03 04:11:38 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012.02.03 04:11:36 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012.02.03 04:11:36 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012.02.03 04:11:36 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012.02.03 04:11:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2012.02.03 04:11:34 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012.02.03 04:11:34 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2012.02.03 04:11:32 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012.02.03 04:11:32 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2012.02.03 04:11:32 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2012.02.03 04:11:32 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012.02.03 04:11:31 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012.02.03 04:11:31 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.02.03 04:11:31 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2012.02.03 04:11:31 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2012.02.03 04:11:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012.02.03 04:11:30 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2012.02.03 04:11:30 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012.02.03 04:11:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012.02.03 04:11:30 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012.02.03 04:11:30 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2012.02.03 04:11:29 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012.02.03 04:11:29 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012.02.03 04:11:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2012.02.03 04:11:28 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012.02.03 04:11:28 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2012.02.03 04:11:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2012.02.03 04:11:28 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012.02.03 04:11:27 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012.02.03 04:11:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012.02.03 04:11:26 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2012.02.03 04:11:26 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2012.02.03 04:11:26 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2012.02.03 04:11:26 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2012.02.03 04:11:25 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012.02.03 04:11:25 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012.02.03 04:11:25 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012.02.03 04:11:25 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2012.02.03 04:11:24 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2012.02.03 04:11:24 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2012.02.03 04:11:24 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2012.02.03 04:11:23 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012.02.03 04:11:23 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012.02.03 04:11:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2012.02.03 04:11:22 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012.02.03 04:11:22 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2012.02.03 04:11:22 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2012.02.03 04:11:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2012.02.03 04:11:22 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012.02.03 04:11:22 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.02.03 04:11:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2012.02.03 04:11:22 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2012.02.03 04:11:21 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012.02.03 04:11:21 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2012.02.03 04:11:21 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012.02.03 04:11:21 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012.02.03 04:11:20 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012.02.03 04:11:20 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012.02.03 04:11:20 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2012.02.03 04:11:20 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2012.02.03 04:11:20 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2012.02.03 04:11:20 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2012.02.03 04:11:19 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2012.02.03 04:11:19 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2012.02.03 04:11:19 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2012.02.03 04:11:18 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2012.02.03 04:11:18 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2012.02.03 04:11:18 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2012.02.03 04:11:18 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012.02.03 04:11:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.02.03 04:11:17 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012.02.03 04:11:17 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2012.02.03 04:11:16 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2012.02.03 04:11:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012.02.03 04:11:16 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2012.02.03 04:11:16 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012.02.03 04:11:16 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2012.02.03 04:11:15 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2012.02.03 04:11:15 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012.02.03 04:11:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012.02.03 04:11:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012.02.03 04:11:15 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2012.02.03 04:11:14 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012.02.03 04:11:14 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2012.02.03 04:11:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2012.02.03 04:11:13 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2012.02.03 04:11:13 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2012.02.03 04:11:13 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2012.02.03 04:11:13 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012.02.03 04:11:12 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012.02.03 04:11:11 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012.02.03 04:11:11 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2012.02.03 04:11:11 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2012.02.03 04:11:11 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2012.02.03 04:11:11 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012.02.03 04:11:10 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2012.02.03 04:11:10 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012.02.03 04:11:10 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2012.02.03 04:11:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2012.02.03 04:11:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2012.02.03 04:11:10 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.02.03 04:11:09 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012.02.03 04:11:09 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012.02.03 04:11:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2012.02.03 04:11:08 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2012.02.03 04:11:08 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2012.02.03 04:11:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2012.02.03 04:11:06 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2012.02.03 04:11:06 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2012.02.03 04:11:06 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2012.02.03 04:11:05 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2012.02.03 04:11:05 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2012.02.03 04:11:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2012.02.03 04:11:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012.02.03 04:11:04 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2012.02.03 04:11:04 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012.02.03 04:11:03 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012.02.03 04:11:03 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2012.02.03 04:11:03 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012.02.03 04:11:02 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012.02.03 04:11:02 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2012.02.03 04:11:02 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012.02.03 04:11:01 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012.02.03 04:11:01 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012.02.03 04:11:01 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012.02.03 04:11:01 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2012.02.03 04:11:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2012.02.03 04:11:00 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2012.02.03 04:11:00 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2012.02.03 04:11:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2012.02.03 04:11:00 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2012.02.03 04:10:59 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2012.02.03 04:10:59 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2012.02.03 04:10:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2012.02.03 04:10:58 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2012.02.03 04:10:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2012.02.03 04:10:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012.02.03 04:10:58 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2012.02.03 04:10:57 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012.02.03 04:10:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012.02.03 04:10:52 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012.02.03 04:10:52 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2012.02.03 04:10:51 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2012.02.03 04:10:51 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012.02.03 04:10:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012.02.03 04:10:51 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012.02.03 04:10:50 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2012.02.03 04:10:50 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2012.02.03 04:10:50 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.02.03 04:10:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2012.02.03 04:10:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2012.02.03 04:10:50 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2012.02.03 04:10:49 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2012.02.03 04:10:49 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2012.02.03 04:10:49 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2012.02.03 04:10:49 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2012.02.03 04:10:48 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012.02.03 04:10:48 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012.02.03 04:10:48 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2012.02.03 04:10:48 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2012.02.03 04:10:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012.02.03 04:10:48 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012.02.03 04:10:47 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2012.02.03 04:10:47 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2012.02.03 04:10:47 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.02.03 04:10:47 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2012.02.03 04:10:47 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2012.02.03 04:10:47 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2012.02.03 04:10:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2012.02.03 04:10:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2012.02.03 04:10:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2012.02.03 04:10:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2012.02.03 04:10:46 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2012.02.03 04:10:46 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2012.02.03 04:10:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2012.02.03 04:10:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2012.02.03 04:10:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012.02.03 04:10:45 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2012.02.03 04:10:45 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012.02.03 04:10:45 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012.02.03 04:10:45 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2012.02.03 04:10:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2012.02.03 04:10:44 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012.02.03 04:10:44 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2012.02.03 04:10:44 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2012.02.03 04:10:44 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2012.02.03 04:10:44 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2012.02.03 04:10:44 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012.02.03 04:10:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2012.02.03 04:10:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012.02.03 04:10:43 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2012.02.03 04:10:43 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2012.02.03 04:10:43 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012.02.03 04:10:43 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012.02.03 04:10:42 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2012.02.03 04:10:42 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2012.02.03 04:10:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2012.02.03 04:10:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2012.02.03 04:10:41 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.02.03 04:10:41 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2012.02.03 04:10:41 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2012.02.03 04:10:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2012.02.03 04:10:41 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2012.02.03 04:10:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2012.02.03 04:10:40 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2012.02.03 04:10:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2012.02.03 04:10:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012.02.03 04:10:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2012.02.03 04:10:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2012.02.03 04:10:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2012.02.03 04:10:39 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2012.02.03 04:10:39 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012.02.03 04:10:38 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2012.02.03 04:10:38 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2012.02.03 04:10:38 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2012.02.03 04:10:38 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2012.02.03 04:10:38 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2012.02.03 04:10:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2012.02.03 04:10:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012.02.03 04:10:37 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012.02.03 04:10:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2012.02.03 04:10:37 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2012.02.03 04:10:36 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2012.02.03 04:10:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012.02.03 04:10:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012.02.03 04:10:36 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2012.02.03 04:10:36 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2012.02.03 04:10:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2012.02.03 04:10:35 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012.02.03 04:10:35 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2012.02.03 04:10:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2012.02.03 04:10:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2012.02.03 04:10:35 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2012.02.03 04:10:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2012.02.03 04:10:35 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2012.02.03 04:10:34 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012.02.03 04:10:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.02.03 04:10:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012.02.03 04:10:34 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2012.02.03 04:10:33 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012.02.03 04:10:33 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012.02.03 04:10:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2012.02.03 04:10:33 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012.02.03 04:10:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2012.02.03 04:10:32 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2012.02.03 04:10:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2012.02.03 04:10:31 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2012.02.03 04:10:31 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012.02.03 04:10:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2012.02.03 04:10:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2012.02.03 04:10:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2012.02.03 04:10:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2012.02.03 04:10:29 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2012.02.03 04:10:29 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2012.02.03 04:10:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2012.02.03 04:10:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2012.02.03 04:10:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2012.02.03 04:10:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2012.02.03 04:10:28 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2012.02.03 04:10:28 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2012.02.03 04:10:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2012.02.03 04:10:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2012.02.03 04:10:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.02.03 04:10:26 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012.02.03 04:10:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.02.03 04:10:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012.02.03 04:10:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2012.02.03 04:10:26 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.02.03 04:10:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2012.02.03 04:10:23 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2012.02.03 04:10:23 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2012.02.03 04:10:22 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2012.02.03 04:10:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2012.02.03 04:10:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2012.02.03 04:10:21 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2012.02.03 04:10:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2012.02.03 04:10:21 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2012.02.03 04:10:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2012.02.03 04:10:18 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012.02.03 04:10:18 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.02.03 04:10:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012.02.03 04:10:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2012.02.03 04:10:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2012.02.03 04:10:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2012.02.03 04:10:12 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012.02.03 04:10:12 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012.02.03 04:10:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2012.02.03 04:10:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2012.02.03 04:10:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2012.02.03 04:10:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2012.02.03 04:10:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2012.02.03 04:10:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2012.02.03 04:10:06 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2012.02.03 04:10:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2012.02.03 04:10:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2012.02.03 04:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2012.02.03 04:10:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2012.02.03 04:10:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2012.02.03 04:10:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2012.02.03 04:10:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2012.02.03 04:10:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2012.02.03 04:10:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2012.02.03 04:10:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2012.02.03 04:10:01 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2012.02.03 04:10:01 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2012.02.03 04:10:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2012.02.03 04:10:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2012.02.03 04:10:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2012.02.03 04:10:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2012.02.03 04:09:11 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2012.02.03 04:09:10 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012.02.03 04:08:55 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012.02.03 04:08:46 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012.02.03 04:08:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012.02.03 04:07:54 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012.02.03 04:07:53 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2012.02.02 20:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.30 21:08:31 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\TuneUp Software
[2012.01.30 20:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.01.30 20:55:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.01.25 23:12:33 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\Malwarebytes
[2012.01.25 23:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.25 23:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Mareike\AppData\Roaming\SUPERAntiSpyware.com
[2012.01.24 21:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.01.24 21:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.01.24 21:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.01.24 20:40:06 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.01.24 19:02:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.23 18:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.01.23 18:29:45 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.23 18:29:45 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.23 18:29:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.23 18:16:11 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.01.23 18:15:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.07 19:49:19 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2012.02.07 19:46:33 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 19:46:33 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 19:39:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.07 19:38:52 | 776,581,120 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.06 18:19:10 | 000,001,226 | ---- | M] () -- C:\Users\Mareike\Desktop\Revo Uninstaller.lnk
[2012.02.06 06:29:21 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.06 06:29:20 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.06 06:29:20 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.06 06:29:20 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.06 06:29:20 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.06 06:29:20 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.06 06:29:20 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.06 06:29:20 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.06 06:29:20 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.06 06:29:20 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.06 06:29:20 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.06 06:29:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.06 06:29:20 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.06 06:29:20 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.06 06:29:20 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.06 06:29:20 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.06 06:29:20 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.06 06:29:20 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.06 06:29:20 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.06 06:29:20 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.06 06:29:20 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.06 06:29:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.06 06:29:19 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.06 06:29:19 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.06 06:29:19 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.06 06:29:19 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.06 06:29:19 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.06 06:29:19 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.06 06:29:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.06 06:29:19 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.06 06:29:19 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.06 06:29:19 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.06 06:29:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.06 06:29:19 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.06 06:29:19 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.06 06:29:19 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.06 06:29:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.06 06:29:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.05 22:55:59 | 000,659,004 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.05 22:55:59 | 000,620,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.05 22:55:59 | 000,132,542 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.05 22:55:59 | 000,108,332 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.05 22:49:26 | 000,362,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.03 06:45:56 | 000,223,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.02.03 06:45:56 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.02.03 06:45:56 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.02.03 06:45:55 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2012.02.03 06:45:55 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.02.03 06:43:57 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2012.02.03 06:16:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.24 21:36:06 | 197,769,965 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.24 19:16:55 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.01.14 13:14:24 | 000,007,597 | ---- | M] () -- C:\Users\Mareike\AppData\Local\Resmon.ResmonCfg
 
========== Files Created - No Company Name ==========
 
[2012.02.06 18:19:10 | 000,001,226 | ---- | C] () -- C:\Users\Mareike\Desktop\Revo Uninstaller.lnk
[2012.02.06 06:29:20 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.02.03 04:13:08 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.02.03 04:10:24 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012.02.03 04:09:59 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012.01.25 23:11:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\mbam.sys
[2012.01.24 20:39:39 | 197,769,965 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.14 13:14:24 | 000,007,597 | ---- | C] () -- C:\Users\Mareike\AppData\Local\Resmon.ResmonCfg
[2011.08.18 15:39:29 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011.08.18 15:39:29 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2011.04.08 12:03:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011.04.08 12:03:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011.04.08 12:03:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011.04.08 12:01:58 | 000,017,047 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.04.02 11:55:22 | 000,001,849 | ---- | C] () -- C:\Users\Mareike\AppData\Roaming\GhostObjGAFix.xml
[2010.10.15 11:03:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.30 12:55:24 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.24 02:05:09 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2009.12.24 01:59:25 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.12.24 01:57:33 | 000,000,276 | ---- | C] () -- C:\Windows\System32\RStoneLog2.ini
[2009.12.24 01:57:33 | 000,000,217 | ---- | C] () -- C:\Windows\System32\RStoneLog.ini
[2009.11.21 05:48:09 | 000,659,004 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.11.21 05:48:09 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.11.21 05:48:09 | 000,132,542 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.11.21 05:48:09 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.09.27 13:49:50 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,362,728 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,620,150 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,108,332 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 23:09:19 | 001,498,564 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2010.11.14 17:16:01 | 000,000,000 | ---D | M] -- C:\Users\Mareike\AppData\Roaming\Auslogics
[2010.11.13 20:22:05 | 000,000,000 | ---D | M] -- C:\Users\Mareike\AppData\Roaming\OpenOffice.org
[2012.01.30 21:08:31 | 000,000,000 | ---D | M] -- C:\Users\Mareike\AppData\Roaming\TuneUp Software
[2010.11.18 21:43:53 | 000,000,000 | ---D | M] -- C:\Users\Mareike\AppData\Roaming\WildTangent
[2011.07.16 10:12:04 | 000,000,000 | ---D | M] -- C:\Users\Mareike\AppData\Roaming\ZumoDrive
[2011.10.31 14:12:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F8435088

< End of report >
         
--- --- ---

[/CODE]

Alt 09.02.2012, 08:27   #12
kira
/// Helfer-Team
 
Netbook seeehr langsam, Windows-Update funktioniert nicht - Standard

Netbook seeehr langsam, Windows-Update funktioniert nicht



1.
Lösche:
Zitat:
Softonic Downloader
Anleitung für FF:-> Add-ons deinstallieren
-> Firefox mit Add-ons anpassen
-> Löschen: Firefox Add-Ons endgültig löschen | PcBeirat.de

im Internet Explorer Add-ons bzw. Erweiterungen deaktivieren/löschen ::
Verwalten von Add-Ons in Internet Explorer 9
Internet Explorer 9 Addons – installieren, deaktivieren, löschen und optimieren

2.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ALSV5&o=1665&locale=de_DE&apn_uid=D0A8B27F-A462-47D7-A71F-8766C13F1844&apn_ptnrs=AU&apn_sauid=44F7C7E8-FAB7-4C3F-BF95-3FBF64138B09&apn_dtid=YYYYYYYYDE&q="
[2011.06.09 21:15:35 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.02 17:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.02 17:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no na