Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Verschlüsselungstrojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.06.2012, 19:33   #1
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Hallo, habe heute eine E-Mail geöffnet die an mich adressiert war mit meinem vollständigen Namen in der Anrede. Der Absender war smilinchefjohnny@rogers.com. Der Text lautete:

"Hallo ***,

Sicher ist es Ihnen entgangen, dass die Zahlungsfrist der nachfolgenden Rechnung abgelaufen ist. Auf unsere Erinnerungen haben Sie ebenso nicht reagiert.

Artikel: Leica Mega HF
Artikelnummer: 9112261777835
Stück: 1
Summe: 754,40 Euro

Aufgrund zusätzlicher Kosten anlässlich des Ausgleichs von Gebührenforderungen erheben wir Mahngebühren und Einschreibegebühren in der Höhe von 10.- Euro inkl. MwSt.

Wir bitten Sie, den ausstehenden Rechnungsbetrag in den nächsten 7 Tagen zu überweisen. Ansonsten sehen wir uns leider gezwungen, ein Betreibungsverfahren in die Wege zu leiten und ein Inkasso Unternehmen für die weiteren Massnahmen zu beauftragen.

Sollte sich dieses Schreiben mit der Bezahlung des ausstehenden Betrags gekreuzt haben, so betrachten Sie dieses Schreiben bitte als gegenstandslos.

Anlagen:
- Rechnung
- Lieferschein

Mit besten Grüßen

FOTO THUN GMBH"

im Anhang war eine ZIP Datei, nach dem Öffnen kam zuerst eine Fehlermeldung, dass es keine Worddatei wäre und kurz darauf war ein schwarzer Bildschirm mit einem Text 'Willkommen bei Windows Update ... sie haben sich mit einem Windows-Verschlüsselungstrojaner infiziert. Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert [...]
Man soll einen Paysafecard Code für 100 Eur erwerben.

Der Task-Manager funktioniert nicht. Im Abgesicherten Modus kommt man dann wieder an seinen normalen Desktop und kann arbeiten.

Es gibt eine neue Datei mit dem Titel ACHTUNG LESEN.txt mit folgendem Inhalt: "Sehr geehrte Damen und Herren,
anscheinend wurde das Update Programm vollständig unterbrochen. Jetzt kann das Virus nur manuell beseitigt werden. Dies brauchen Sie um Ihre Dateien benutzen zu können. Falls Sie also die gesperrten Daten brauchen, senden Sie uns bitte 200 Euro Ukash Code an die Email: software-update@inbox.lt, so bald dieser Code geprüft wurde, erhalten Sie ein Update Programm. Falls Sie Ihre Daten nicht brauchen raten wir Ihnen dringend Ihren Computer zu formatieren um den Virus vollständig zu entfernen. Ukash können Sie an einer beliebigen Tankstelle erwerben und auch in mehreren Internetcafes in Ihrer Nähe.
mfG Ihr Security Team"

alle alten Dateien sind umbenannt worden (z. B. in dDpesVtOJrAGrQgvLye) und nicht mehr lesbar. Die Ordner haben ihren alten Namen behalten. Die Programme funktionieren und neu erstellte Dateien scheinen nicht umbenannt zu werden.

Avira Antivir hat keine Viren und Trojaner gefunden.

Über Hilfe meinen PC zu retten und ggf die wenigen Daten die ich die letzten 7 Tage neu generiert habe würde ich mich sehr freuen!! Ein herzliches Dankeschön im Vorraus!

Alt 14.06.2012, 14:30   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         


Hinweise bzgl. der verschlüsselten Dateien:
Wann genau deine Daten entschlüsselt werden können wird dir niemand genau sagen können außer vllt einer es kann sein, dass du eine neuere Variante hast, deren Verschlüsselungsalgorithmus noch unbekannt ist. Sowas kann man (noch) nicht entschlüsseln und ohne Schlüssel schon garnicht - ist ja auch logisch, sonst wär es ja keine vernünftige Verschlüsselung
Einfach hier nochmal reinsehen in regelmäßigen Abständen, obige Hinweise beachten. 8 Tools mitsamt hunderten Diskussionsbeiträgen stehen da schon

Eine Notlösung für Vista und Win7-User => http://www.trojaner-board.de/115496-...erstellen.html

Entschlüsselungsversuche der verschlüsselten Dateien sind nur auf zusätzliche Kopien der verschlüsselten Dateien anzuwenden, sonst zerhackt man sich die noch weiter ohne die "original" verschlüsselte Datei mehr zu haben. Das willst du sicher nicht!

Man darf sich aber keine falschen Hoffnungen machen. Mittlerweile sieht es finster aus => Delphi-PRAXiS - Einzelnen Beitrag anzeigen - Verschlüsselungs-Trojaner, Hilfe benötigt


Und in Zukunft willst du sicher mal an ein besseres Backupkonzept denken. Hier ein Denkanstoß => http://www.trojaner-board.de/115678-...r-backups.html
__________________

__________________

Alt 15.06.2012, 22:06   #3
anne1282
 
Verschlüsselungstrojaner - Unglücklich

Verschlüsselungstrojaner



Lieber Arne, danke dass du dir Zeit für mein Problem nimmst!

Habe nochmals einen Scan mit Malwarebytes durchlaufen lassen: hier das Logfile:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.12.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Judith :: JUDITH-PC [Administrator]

Schutz: Aktiviert

15.06.2012 19:26:55
mbam-log-2012-06-15 (19-26-55).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 334069
Laufzeit: 1 Stunde(n), 13 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Der ESET Online Scanner hat 3 Funde aufgezeigt: Win32/trustezeb.C trojan (dreimal)
hier das logfile dazu:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=defebaaf99174d4287e83ab0ec8774a2
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-15 08:54:29
# local_time=2012-06-15 10:54:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 16864780 16864780 0 0
# compatibility_mode=5893 16776573 100 94 4190 91416614 0 0
# compatibility_mode=8192 67108863 100 0 208 208 0 0
# scanned=138341
# found=3
# cleaned=0
# scan_time=6906
C:\Users\Judith\AppData\Local\Temp\Beilagen-1.zip	Win32/Trustezeb.C trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Judith\AppData\Local\Temp\Beilagen.zip	Win32/Trustezeb.C trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Judith\Szsrxdtff\eaepsycjj.exe	Win32/Trustezeb.C trojan (unable to clean)	00000000000000000000000000000000	I
         
Vielen herzlichen Dank! Judith
__________________

Alt 15.06.2012, 23:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.06.2012, 14:15   #5
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Lieber Arne,
habe den PC nochmal neu gestartet. Ich konnte im normalen Modus starten

Zuerst kam ein Pop-Up von Malwarebytes mit folgendem Text:

Malewarebytes Anti-Malware hate den Ausführungsversuch eines bösartigen Prozesses festgestellt und dessen Ausführung unterbunden. Bitte wählen sie eine der folgenden Optionen aus.

C:\USERS\JUDITH\SZSRXDTFF\EAEPSYCCJJ.EXE
TROJAN.AGENT.SZ

ich habe Quarantäne ausgewählt

kurz darauf kam ein ein Pop-UP mit folgendem Text:
mbampt.exe-Anwendungsfehler

Die Andwendung konnte nicht korrekt gestartet werden (0xc0000005). Klicken sie auf "OK", um die Anwendung zu schließen.

habe dann nochmal einen QuickScan mit Malwarebytes durchgeführt:
hier die Logdatei
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.15.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Judith :: JUDITH-PC [Administrator]

Schutz: Aktiviert

16.06.2012 13:52:55
mbam-log-2012-06-16 (15-12-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 206818
Laufzeit: 6 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Judith\Szsrxdtff\eaepsycjj.exe (Trojan.Agent.SZ) -> Keine Aktion durchgeführt.

(Ende)
         
zur zweiten Frage: Mir ist kein Programm aufgefallen, welches ich im Startmenü vermisse (was aber nicht bedeutet dass nicht auch welche fehlen können - habe noch nie so genau geschaut - aber alles was ich anwende ist drin); und ich habe keine leeren Ordner im Ordner Programme gefunden.

liebe Grüße


Alt 17.06.2012, 21:01   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
--> Verschlüsselungstrojaner

Alt 18.06.2012, 12:24   #7
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Lieber Arne,
hier die OTL:

Code:
ATTFilter
OTL logfile created on: 18.06.2012 12:48:28 - Run 2
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Users\Judith\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,73 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 53,36% Memory free
3,46 Gb Paging File | 2,28 Gb Available in Paging File | 65,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,99 Gb Total Space | 194,44 Gb Free Space | 68,47% Space Free | Partition Type: NTFS
 
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.18 12:45:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Downloads\OTL(1).exe
PRC - [2012.05.09 17:43:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.09 17:42:58 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.09 17:42:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.13 15:15:26 | 002,641,920 | ---- | M] (pdfforge  hxxp://www.pdfforge.org/) -- C:\Program Files (x86)\PDFCreator\PDFCreator.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.03.14 13:44:37 | 000,414,800 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011.03.14 13:44:36 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011.03.14 13:44:35 | 000,352,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011.03.14 13:44:34 | 001,081,424 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.01.31 22:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.10.05 23:46:10 | 000,704,104 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010.09.28 04:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010.09.18 01:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.09.18 01:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.11.28 19:59:42 | 003,702,784 | ---- | M] () -- C:\Program Files (x86)\PDFCreator\GS8.61\gs8.61\Bin\gsdll32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.01.11 07:49:46 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.17 01:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV - [2012.05.09 17:43:03 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 17:42:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 19:05:03 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.27 15:55:19 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.03.14 13:44:35 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.03.01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.01.31 22:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.01.28 08:44:08 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) [Auto | Running] -- C:\Program Files (x86)\ShadowExplorer\sesvc.exe -- (sesvc)
SRV - [2010.09.28 03:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 23:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.09 17:43:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.09 17:43:04 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.19 17:56:15 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.04.15 10:28:13 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.04.15 10:28:13 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.04.15 10:28:13 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.03.17 09:10:48 | 001,584,256 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.01 16:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.01.25 05:48:03 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.13 13:46:18 | 001,412,144 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.01.11 08:23:38 | 008,122,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.11 07:13:52 | 000,290,816 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.01 10:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.11.28 21:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.17 01:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.27 15:55:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.27 16:58:38 | 000,000,000 | ---D | M]
 
[2011.12.13 23:01:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions
[2012.05.02 18:12:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\2fbozq77.default\extensions
[2012.04.28 11:07:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.27 15:55:18 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.12 11:13:20 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.12 11:13:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.12 11:13:20 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.12 11:13:19 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.12 11:13:19 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.12 11:13:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1829406969-1796033248-114794001-1001..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1829406969-1796033248-114794001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{308F94D1-A347-441F-8242-2B2929DD94F0}: DhcpNameServer = 82.144.41.8 82.145.9.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{494E9012-B9A2-499D-BE46-AA9226ACB9C4}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.17 13:34:51 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\100612 - Kopie
[2012.06.17 13:30:35 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\verschluesselte Dateien
[2012.06.16 22:57:14 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\100612
[2012.06.15 22:16:48 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\shadow
[2012.06.15 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\www.shadowexplorer.com
[2012.06.15 22:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
[2012.06.15 22:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ShadowExplorer
[2012.06.15 20:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.06.13 17:06:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\Desktop\für tb
[2012.06.12 20:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012.06.12 20:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012.06.12 20:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012.06.12 12:39:29 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.06.12 12:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.12 12:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.12 12:39:12 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.12 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.12 10:33:15 | 000,000,000 | ---D | C] -- C:\Users\Judith\Szsrxdtff
[2012.05.26 20:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.18 12:53:45 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.18 12:52:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.18 12:44:16 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.18 12:44:16 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.18 12:44:16 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.18 12:44:16 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.18 12:44:16 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.18 12:41:59 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.18 12:41:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 19:22:25 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 19:22:25 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.17 19:14:16 | 1392,693,248 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 13:30:59 | 000,303,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.15 22:14:55 | 000,001,889 | ---- | M] () -- C:\Users\Judith\Desktop\ShadowExplorer.lnk
[2012.06.12 20:30:39 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012.06.12 19:41:10 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2012.06.12 12:39:15 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.12 11:17:28 | 000,002,705 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012.05.26 20:44:00 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.05.26 20:44:00 | 000,002,098 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
 
========== Files Created - No Company Name ==========
 
[2012.06.15 22:14:55 | 000,001,889 | ---- | C] () -- C:\Users\Judith\Desktop\ShadowExplorer.lnk
[2012.06.12 20:30:39 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012.06.12 19:41:10 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable
[2012.06.12 12:39:15 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.12 11:17:28 | 000,002,705 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office PowerPoint 2007.lnk
[2012.02.16 22:53:43 | 000,006,656 | ---- | C] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.25 00:09:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.15 09:46:50 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.04.15 09:46:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.15 09:25:13 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== LOP Check ==========
 
[2011.11.19 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Windows Live Writer
[2012.06.15 22:15:15 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\www.shadowexplorer.com
[2012.02.09 13:59:22 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.01.05 14:17:45 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Adobe
[2011.12.03 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Avira
[2010.11.21 04:51:08 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Identities
[2011.04.15 10:33:18 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Macromedia
[2012.06.12 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.06.15 22:31:15 | 000,000,000 | --SD | M] -- C:\Users\Judith\AppData\Roaming\Microsoft
[2011.12.13 23:01:49 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Mozilla
[2011.11.19 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Windows Live Writer
[2012.06.15 22:15:15 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\www.shadowexplorer.com
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >

< End of report >
         
Merci!
Judith

Alt 18.06.2012, 14:16   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 18.06.2012, 22:44   #9
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Code:
ATTFilter
23:38:34.0314 4864	TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
23:38:34.0728 4864	============================================================
23:38:34.0728 4864	Current date / time: 2012/06/18 23:38:34.0728
23:38:34.0728 4864	SystemInfo:
23:38:34.0728 4864	
23:38:34.0728 4864	OS Version: 6.1.7601 ServicePack: 1.0
23:38:34.0728 4864	Product type: Workstation
23:38:34.0729 4864	ComputerName: JUDITH-PC
23:38:34.0729 4864	UserName: Judith
23:38:34.0729 4864	Windows directory: C:\Windows
23:38:34.0729 4864	System windows directory: C:\Windows
23:38:34.0729 4864	Running under WOW64
23:38:34.0729 4864	Processor architecture: Intel x64
23:38:34.0729 4864	Number of processors: 2
23:38:34.0729 4864	Page size: 0x1000
23:38:34.0729 4864	Boot type: Normal boot
23:38:34.0729 4864	============================================================
23:38:37.0329 4864	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:38:37.0352 4864	============================================================
23:38:37.0352 4864	\Device\Harddisk0\DR0:
23:38:37.0353 4864	MBR partitions:
23:38:37.0353 4864	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
23:38:37.0353 4864	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x237FB800
23:38:37.0353 4864	============================================================
23:38:37.0381 4864	C: <-> \Device\Harddisk0\DR0\Partition1
23:38:37.0391 4864	============================================================
23:38:37.0392 4864	Initialize success
23:38:37.0392 4864	============================================================
23:39:22.0966 3868	============================================================
23:39:22.0966 3868	Scan started
23:39:22.0966 3868	Mode: Manual; SigCheck; TDLFS; 
23:39:22.0966 3868	============================================================
23:39:23.0977 3868	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
23:39:24.0452 3868	1394ohci - ok
23:39:24.0513 3868	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
23:39:24.0572 3868	ACPI - ok
23:39:24.0608 3868	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
23:39:24.0715 3868	AcpiPmi - ok
23:39:24.0819 3868	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:39:24.0905 3868	AdobeARMservice - ok
23:39:25.0048 3868	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:39:25.0093 3868	AdobeFlashPlayerUpdateSvc - ok
23:39:25.0165 3868	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
23:39:25.0231 3868	adp94xx - ok
23:39:25.0303 3868	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
23:39:25.0403 3868	adpahci - ok
23:39:25.0435 3868	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
23:39:25.0475 3868	adpu320 - ok
23:39:25.0513 3868	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:39:25.0773 3868	AeLookupSvc - ok
23:39:25.0862 3868	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
23:39:25.0970 3868	AFD - ok
23:39:26.0020 3868	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:39:26.0064 3868	agp440 - ok
23:39:26.0090 3868	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:39:26.0188 3868	ALG - ok
23:39:26.0212 3868	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:39:26.0245 3868	aliide - ok
23:39:26.0297 3868	AMD External Events Utility (0497e13936e43065c85be3c9cdc0258b) C:\Windows\system32\atiesrxx.exe
23:39:26.0426 3868	AMD External Events Utility - ok
23:39:26.0440 3868	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:39:26.0474 3868	amdide - ok
23:39:26.0499 3868	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
23:39:26.0579 3868	AmdK8 - ok
23:39:27.0212 3868	amdkmdag        (679999d8808c1784dcb9bd59c19ae32f) C:\Windows\system32\DRIVERS\atikmdag.sys
23:39:27.0638 3868	amdkmdag - ok
23:39:27.0797 3868	amdkmdap        (a4769eaf3936da861b9b1c9e5bd2fc52) C:\Windows\system32\DRIVERS\atikmpag.sys
23:39:27.0892 3868	amdkmdap - ok
23:39:27.0935 3868	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:39:28.0011 3868	AmdPPM - ok
23:39:28.0055 3868	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
23:39:28.0093 3868	amdsata - ok
23:39:28.0126 3868	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
23:39:28.0174 3868	amdsbs - ok
23:39:28.0195 3868	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
23:39:28.0229 3868	amdxata - ok
23:39:28.0328 3868	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:39:28.0379 3868	AntiVirSchedulerService - ok
23:39:28.0414 3868	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:39:28.0453 3868	AntiVirService - ok
23:39:28.0477 3868	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
23:39:28.0698 3868	AppID - ok
23:39:28.0729 3868	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:39:28.0849 3868	AppIDSvc - ok
23:39:28.0886 3868	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
23:39:29.0012 3868	Appinfo - ok
23:39:29.0033 3868	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
23:39:29.0069 3868	arc - ok
23:39:29.0090 3868	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
23:39:29.0127 3868	arcsas - ok
23:39:29.0143 3868	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:39:29.0267 3868	AsyncMac - ok
23:39:29.0286 3868	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:39:29.0319 3868	atapi - ok
23:39:29.0382 3868	AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
23:39:29.0524 3868	AtiHDAudioService - ok
23:39:29.0633 3868	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:39:29.0801 3868	AudioEndpointBuilder - ok
23:39:29.0821 3868	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:39:29.0940 3868	AudioSrv - ok
23:39:29.0985 3868	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
23:39:30.0018 3868	avgntflt - ok
23:39:30.0049 3868	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
23:39:30.0096 3868	avipbb - ok
23:39:30.0113 3868	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
23:39:30.0144 3868	avkmgr - ok
23:39:30.0188 3868	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
23:39:30.0341 3868	AxInstSV - ok
23:39:30.0417 3868	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
23:39:30.0525 3868	b06bdrv - ok
23:39:30.0590 3868	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:39:30.0682 3868	b57nd60a - ok
23:39:30.0802 3868	BBSvc           (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
23:39:30.0867 3868	BBSvc - ok
23:39:31.0290 3868	BCM43XX         (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
23:39:31.0589 3868	BCM43XX - ok
23:39:31.0740 3868	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:39:31.0832 3868	BDESVC - ok
23:39:31.0879 3868	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:39:32.0025 3868	Beep - ok
23:39:32.0113 3868	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
23:39:32.0267 3868	BFE - ok
23:39:32.0354 3868	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
23:39:32.0588 3868	BITS - ok
23:39:32.0660 3868	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
23:39:32.0714 3868	blbdrive - ok
23:39:32.0757 3868	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
23:39:32.0842 3868	bowser - ok
23:39:32.0872 3868	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
23:39:32.0940 3868	BrFiltLo - ok
23:39:32.0954 3868	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
23:39:33.0001 3868	BrFiltUp - ok
23:39:33.0037 3868	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
23:39:33.0181 3868	Browser - ok
23:39:33.0238 3868	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
23:39:33.0325 3868	Brserid - ok
23:39:33.0342 3868	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:39:33.0396 3868	BrSerWdm - ok
23:39:33.0407 3868	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:39:33.0457 3868	BrUsbMdm - ok
23:39:33.0468 3868	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
23:39:33.0513 3868	BrUsbSer - ok
23:39:33.0546 3868	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
23:39:33.0621 3868	BTHMODEM - ok
23:39:33.0697 3868	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:39:33.0817 3868	bthserv - ok
23:39:33.0849 3868	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:39:33.0998 3868	cdfs - ok
23:39:34.0038 3868	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
23:39:34.0088 3868	cdrom - ok
23:39:34.0120 3868	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:39:34.0287 3868	CertPropSvc - ok
23:39:34.0304 3868	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
23:39:34.0371 3868	circlass - ok
23:39:34.0415 3868	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:39:34.0478 3868	CLFS - ok
23:39:34.0574 3868	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:39:34.0615 3868	clr_optimization_v2.0.50727_32 - ok
23:39:34.0655 3868	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:39:34.0688 3868	clr_optimization_v2.0.50727_64 - ok
23:39:34.0781 3868	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:39:34.0826 3868	clr_optimization_v4.0.30319_32 - ok
23:39:34.0867 3868	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:39:34.0909 3868	clr_optimization_v4.0.30319_64 - ok
23:39:34.0952 3868	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
23:39:34.0999 3868	CmBatt - ok
23:39:35.0023 3868	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:39:35.0058 3868	cmdide - ok
23:39:35.0133 3868	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
23:39:35.0245 3868	CNG - ok
23:39:35.0422 3868	CnxtHdAudService (64ee11cbf385ca6f170fbe93b329b4e0) C:\Windows\system32\drivers\CHDRT64.sys
23:39:35.0554 3868	CnxtHdAudService - ok
23:39:35.0705 3868	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
23:39:35.0748 3868	Compbatt - ok
23:39:35.0771 3868	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
23:39:35.0831 3868	CompositeBus - ok
23:39:35.0845 3868	COMSysApp - ok
23:39:35.0871 3868	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
23:39:35.0905 3868	crcdisk - ok
23:39:35.0979 3868	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
23:39:36.0059 3868	CryptSvc - ok
23:39:36.0118 3868	CxAudMsg        (9d0d050170d47e778b624a28c90f23de) C:\Windows\system32\CxAudMsg64.exe
23:39:36.0167 3868	CxAudMsg - ok
23:39:36.0233 3868	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:39:36.0419 3868	DcomLaunch - ok
23:39:36.0478 3868	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:39:36.0645 3868	defragsvc - ok
23:39:36.0672 3868	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
23:39:36.0793 3868	DfsC - ok
23:39:36.0859 3868	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
23:39:36.0999 3868	Dhcp - ok
23:39:37.0018 3868	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:39:37.0135 3868	discache - ok
23:39:37.0172 3868	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
23:39:37.0211 3868	Disk - ok
23:39:37.0260 3868	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
23:39:37.0337 3868	Dnscache - ok
23:39:37.0394 3868	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
23:39:37.0531 3868	dot3svc - ok
23:39:37.0580 3868	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
23:39:37.0709 3868	DPS - ok
23:39:37.0746 3868	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:39:37.0805 3868	drmkaud - ok
23:39:37.0939 3868	DsiWMIService   (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
23:39:38.0004 3868	DsiWMIService - ok
23:39:38.0107 3868	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
23:39:38.0207 3868	DXGKrnl - ok
23:39:38.0303 3868	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:39:38.0442 3868	EapHost - ok
23:39:38.0727 3868	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
23:39:38.0917 3868	ebdrv - ok
23:39:39.0047 3868	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
23:39:39.0133 3868	EFS - ok
23:39:39.0220 3868	EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
23:39:39.0273 3868	EgisTec Ticket Service - ok
23:39:39.0392 3868	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
23:39:39.0513 3868	ehRecvr - ok
23:39:39.0538 3868	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:39:39.0592 3868	ehSched - ok
23:39:39.0709 3868	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
23:39:39.0782 3868	elxstor - ok
23:39:39.0921 3868	ePowerSvc       (753fad8fd476116fa93799b0db77702b) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
23:39:40.0010 3868	ePowerSvc - ok
23:39:40.0098 3868	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:39:40.0157 3868	ErrDev - ok
23:39:40.0228 3868	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:39:40.0387 3868	EventSystem - ok
23:39:40.0422 3868	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:39:40.0553 3868	exfat - ok
23:39:40.0633 3868	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:39:40.0801 3868	fastfat - ok
23:39:40.0903 3868	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
23:39:41.0008 3868	Fax - ok
23:39:41.0021 3868	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
23:39:41.0069 3868	fdc - ok
23:39:41.0089 3868	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:39:41.0223 3868	fdPHost - ok
23:39:41.0246 3868	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:39:41.0359 3868	FDResPub - ok
23:39:41.0408 3868	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:39:41.0446 3868	FileInfo - ok
23:39:41.0467 3868	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:39:41.0593 3868	Filetrace - ok
23:39:41.0604 3868	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
23:39:41.0640 3868	flpydisk - ok
23:39:41.0687 3868	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
23:39:41.0746 3868	FltMgr - ok
23:39:41.0877 3868	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
23:39:42.0001 3868	FontCache - ok
23:39:42.0099 3868	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:39:42.0133 3868	FontCache3.0.0.0 - ok
23:39:42.0191 3868	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:39:42.0228 3868	FsDepends - ok
23:39:42.0278 3868	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
23:39:42.0314 3868	Fs_Rec - ok
23:39:42.0367 3868	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:39:42.0432 3868	fvevol - ok
23:39:42.0459 3868	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
23:39:42.0495 3868	gagp30kx - ok
23:39:42.0580 3868	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
23:39:42.0728 3868	gpsvc - ok
23:39:42.0804 3868	GREGService     (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
23:39:42.0840 3868	GREGService - ok
23:39:42.0909 3868	gupdate         (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:39:42.0948 3868	gupdate - ok
23:39:42.0972 3868	gupdatem        (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:39:43.0007 3868	gupdatem - ok
23:39:43.0034 3868	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:39:43.0108 3868	hcw85cir - ok
23:39:43.0154 3868	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:39:43.0244 3868	HdAudAddService - ok
23:39:43.0765 3868	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:39:43.0876 3868	HDAudBus - ok
23:39:43.0888 3868	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
23:39:43.0934 3868	HidBatt - ok
23:39:43.0953 3868	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
23:39:44.0032 3868	HidBth - ok
23:39:44.0046 3868	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
23:39:44.0090 3868	HidIr - ok
23:39:44.0114 3868	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:39:44.0234 3868	hidserv - ok
23:39:44.0262 3868	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:39:44.0303 3868	HidUsb - ok
23:39:44.0338 3868	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
23:39:44.0467 3868	hkmsvc - ok
23:39:44.0509 3868	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
23:39:44.0597 3868	HomeGroupListener - ok
23:39:44.0657 3868	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
23:39:44.0732 3868	HomeGroupProvider - ok
23:39:44.0762 3868	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:39:44.0802 3868	HpSAMD - ok
23:39:44.0880 3868	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:39:45.0037 3868	HTTP - ok
23:39:45.0072 3868	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:39:45.0105 3868	hwpolicy - ok
23:39:45.0156 3868	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:39:45.0194 3868	i8042prt - ok
23:39:45.0264 3868	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:39:45.0355 3868	iaStorV - ok
23:39:45.0479 3868	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:39:45.0562 3868	idsvc - ok
23:39:45.0591 3868	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
23:39:45.0627 3868	iirsp - ok
23:39:45.0723 3868	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
23:39:45.0886 3868	IKEEXT - ok
23:39:45.0903 3868	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:39:45.0936 3868	intelide - ok
23:39:45.0966 3868	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
23:39:46.0009 3868	intelppm - ok
23:39:46.0032 3868	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:39:46.0167 3868	IPBusEnum - ok
23:39:46.0186 3868	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:39:46.0288 3868	IpFilterDriver - ok
23:39:46.0351 3868	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
23:39:46.0500 3868	iphlpsvc - ok
23:39:46.0518 3868	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:39:46.0557 3868	IPMIDRV - ok
23:39:46.0587 3868	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:39:46.0699 3868	IPNAT - ok
23:39:46.0733 3868	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:39:46.0783 3868	IRENUM - ok
23:39:46.0795 3868	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:39:46.0827 3868	isapnp - ok
23:39:46.0871 3868	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:39:46.0927 3868	iScsiPrt - ok
23:39:46.0954 3868	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:39:46.0990 3868	kbdclass - ok
23:39:47.0004 3868	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
23:39:47.0055 3868	kbdhid - ok
23:39:47.0095 3868	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:39:47.0128 3868	KeyIso - ok
23:39:47.0152 3868	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
23:39:47.0189 3868	KSecDD - ok
23:39:47.0239 3868	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
23:39:47.0290 3868	KSecPkg - ok
23:39:47.0320 3868	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:39:47.0442 3868	ksthunk - ok
23:39:47.0516 3868	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:39:47.0652 3868	KtmRm - ok
23:39:47.0689 3868	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
23:39:47.0719 3868	L1C - ok
23:39:47.0771 3868	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
23:39:47.0908 3868	LanmanServer - ok
23:39:47.0947 3868	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
23:39:48.0084 3868	LanmanWorkstation - ok
23:39:48.0182 3868	Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
23:39:48.0235 3868	Live Updater Service - ok
23:39:48.0278 3868	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:39:48.0403 3868	lltdio - ok
23:39:48.0466 3868	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:39:48.0596 3868	lltdsvc - ok
23:39:48.0617 3868	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:39:48.0747 3868	lmhosts - ok
23:39:48.0812 3868	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
23:39:48.0870 3868	LSI_FC - ok
23:39:48.0891 3868	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
23:39:48.0941 3868	LSI_SAS - ok
23:39:48.0956 3868	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
23:39:48.0993 3868	LSI_SAS2 - ok
23:39:49.0017 3868	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
23:39:49.0055 3868	LSI_SCSI - ok
23:39:49.0110 3868	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:39:49.0251 3868	luafv - ok
23:39:49.0327 3868	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
23:39:49.0370 3868	MBAMProtector - ok
23:39:49.0501 3868	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:39:49.0578 3868	MBAMService - ok
23:39:49.0691 3868	McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
23:39:49.0747 3868	McComponentHostService - ok
23:39:49.0783 3868	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
23:39:49.0836 3868	Mcx2Svc - ok
23:39:49.0861 3868	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
23:39:49.0896 3868	megasas - ok
23:39:49.0954 3868	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
23:39:50.0008 3868	MegaSR - ok
23:39:50.0039 3868	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:39:50.0154 3868	MMCSS - ok
23:39:50.0171 3868	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:39:50.0284 3868	Modem - ok
23:39:50.0305 3868	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:39:50.0355 3868	monitor - ok
23:39:50.0379 3868	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:39:50.0414 3868	mouclass - ok
23:39:50.0442 3868	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:39:50.0488 3868	mouhid - ok
23:39:50.0514 3868	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:39:50.0551 3868	mountmgr - ok
23:39:50.0621 3868	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:39:50.0671 3868	MozillaMaintenance - ok
23:39:50.0698 3868	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:39:50.0747 3868	mpio - ok
23:39:50.0782 3868	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:39:50.0886 3868	mpsdrv - ok
23:39:50.0984 3868	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
23:39:51.0189 3868	MpsSvc - ok
23:39:51.0222 3868	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:39:51.0288 3868	MRxDAV - ok
23:39:51.0328 3868	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:39:51.0439 3868	mrxsmb - ok
23:39:51.0482 3868	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:39:51.0546 3868	mrxsmb10 - ok
23:39:51.0588 3868	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:39:51.0642 3868	mrxsmb20 - ok
23:39:51.0684 3868	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:39:51.0716 3868	msahci - ok
23:39:51.0746 3868	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:39:51.0796 3868	msdsm - ok
23:39:51.0838 3868	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:39:51.0889 3868	MSDTC - ok
23:39:51.0929 3868	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:39:52.0034 3868	Msfs - ok
23:39:52.0053 3868	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:39:52.0164 3868	mshidkmdf - ok
23:39:52.0188 3868	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:39:52.0222 3868	msisadrv - ok
23:39:52.0265 3868	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:39:52.0387 3868	MSiSCSI - ok
23:39:52.0396 3868	msiserver - ok
23:39:52.0419 3868	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:39:52.0535 3868	MSKSSRV - ok
23:39:52.0549 3868	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:39:52.0661 3868	MSPCLOCK - ok
23:39:52.0671 3868	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:39:52.0778 3868	MSPQM - ok
23:39:52.0829 3868	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:39:52.0891 3868	MsRPC - ok
23:39:52.0916 3868	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:39:52.0950 3868	mssmbios - ok
23:39:52.0960 3868	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:39:53.0069 3868	MSTEE - ok
23:39:53.0080 3868	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:39:53.0115 3868	MTConfig - ok
23:39:53.0142 3868	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:39:53.0177 3868	Mup - ok
23:39:53.0220 3868	mwlPSDFilter    (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:39:53.0248 3868	mwlPSDFilter - ok
23:39:53.0274 3868	mwlPSDNServ     (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:39:53.0303 3868	mwlPSDNServ - ok
23:39:53.0328 3868	mwlPSDVDisk     (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:39:53.0358 3868	mwlPSDVDisk - ok
23:39:53.0427 3868	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:39:53.0564 3868	napagent - ok
23:39:53.0614 3868	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:39:53.0697 3868	NativeWifiP - ok
23:39:53.0802 3868	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:39:53.0904 3868	NDIS - ok
23:39:53.0926 3868	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:39:54.0034 3868	NdisCap - ok
23:39:54.0065 3868	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:39:54.0168 3868	NdisTapi - ok
23:39:54.0205 3868	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:39:54.0320 3868	Ndisuio - ok
23:39:54.0351 3868	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:39:54.0479 3868	NdisWan - ok
23:39:54.0505 3868	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:39:54.0608 3868	NDProxy - ok
23:39:54.0626 3868	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:39:54.0742 3868	NetBIOS - ok
23:39:54.0783 3868	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:39:54.0902 3868	NetBT - ok
23:39:54.0943 3868	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:39:54.0994 3868	Netlogon - ok
23:39:55.0064 3868	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:39:55.0208 3868	Netman - ok
23:39:55.0272 3868	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:39:55.0419 3868	netprofm - ok
23:39:55.0512 3868	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:39:55.0556 3868	NetTcpPortSharing - ok
23:39:55.0610 3868	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:39:55.0645 3868	nfrd960 - ok
23:39:55.0715 3868	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:39:55.0850 3868	NlaSvc - ok
23:39:55.0878 3868	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:39:55.0982 3868	Npfs - ok
23:39:56.0003 3868	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:39:56.0116 3868	nsi - ok
23:39:56.0139 3868	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:39:56.0243 3868	nsiproxy - ok
23:39:56.0413 3868	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:39:56.0564 3868	Ntfs - ok
23:39:56.0705 3868	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:39:56.0819 3868	Null - ok
23:39:56.0858 3868	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:39:56.0906 3868	nvraid - ok
23:39:56.0938 3868	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:39:56.0986 3868	nvstor - ok
23:39:57.0018 3868	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:39:57.0067 3868	nv_agp - ok
23:39:57.0190 3868	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:39:57.0271 3868	odserv - ok
23:39:57.0292 3868	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:39:57.0373 3868	ohci1394 - ok
23:39:57.0421 3868	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:39:57.0474 3868	ose - ok
23:39:57.0535 3868	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:39:57.0627 3868	p2pimsvc - ok
23:39:57.0677 3868	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:39:57.0736 3868	p2psvc - ok
23:39:57.0758 3868	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:39:57.0798 3868	Parport - ok
23:39:57.0845 3868	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:39:57.0881 3868	partmgr - ok
23:39:57.0910 3868	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:39:57.0993 3868	PcaSvc - ok
23:39:58.0023 3868	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:39:58.0072 3868	pci - ok
23:39:58.0093 3868	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:39:58.0127 3868	pciide - ok
23:39:58.0165 3868	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:39:58.0215 3868	pcmcia - ok
23:39:58.0254 3868	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:39:58.0292 3868	pcw - ok
23:39:58.0361 3868	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:39:58.0519 3868	PEAUTH - ok
23:39:58.0613 3868	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:39:58.0669 3868	PerfHost - ok
23:39:58.0828 3868	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:39:59.0013 3868	pla - ok
23:39:59.0092 3868	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:39:59.0173 3868	PlugPlay - ok
23:39:59.0198 3868	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:39:59.0244 3868	PNRPAutoReg - ok
23:39:59.0294 3868	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:39:59.0341 3868	PNRPsvc - ok
23:39:59.0420 3868	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:39:59.0568 3868	PolicyAgent - ok
23:39:59.0607 3868	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:39:59.0762 3868	Power - ok
23:39:59.0829 3868	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:39:59.0947 3868	PptpMiniport - ok
23:39:59.0976 3868	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:40:00.0022 3868	Processor - ok
23:40:00.0073 3868	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:40:00.0182 3868	ProfSvc - ok
23:40:00.0220 3868	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:40:00.0258 3868	ProtectedStorage - ok
23:40:00.0294 3868	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:40:00.0424 3868	Psched - ok
23:40:00.0558 3868	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:40:00.0688 3868	ql2300 - ok
23:40:00.0831 3868	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:40:00.0875 3868	ql40xx - ok
23:40:00.0920 3868	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:40:00.0995 3868	QWAVE - ok
23:40:01.0016 3868	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:40:01.0077 3868	QWAVEdrv - ok
23:40:01.0088 3868	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:40:01.0201 3868	RasAcd - ok
23:40:01.0257 3868	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:40:01.0364 3868	RasAgileVpn - ok
23:40:01.0419 3868	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:40:01.0555 3868	RasAuto - ok
23:40:01.0590 3868	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:40:01.0720 3868	Rasl2tp - ok
23:40:01.0781 3868	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:40:01.0914 3868	RasMan - ok
23:40:01.0939 3868	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:40:02.0060 3868	RasPppoe - ok
23:40:02.0119 3868	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:40:02.0242 3868	RasSstp - ok
23:40:02.0289 3868	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:40:02.0426 3868	rdbss - ok
23:40:02.0446 3868	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:40:02.0491 3868	rdpbus - ok
23:40:02.0508 3868	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:40:02.0614 3868	RDPCDD - ok
23:40:02.0638 3868	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:40:02.0755 3868	RDPENCDD - ok
23:40:02.0778 3868	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:40:02.0882 3868	RDPREFMP - ok
23:40:02.0923 3868	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:40:02.0993 3868	RDPWD - ok
23:40:03.0031 3868	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:40:03.0073 3868	rdyboost - ok
23:40:03.0133 3868	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:40:03.0263 3868	RemoteAccess - ok
23:40:03.0310 3868	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:40:03.0437 3868	RemoteRegistry - ok
23:40:03.0465 3868	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:40:03.0592 3868	RpcEptMapper - ok
23:40:03.0609 3868	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:40:03.0661 3868	RpcLocator - ok
23:40:03.0716 3868	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:40:03.0835 3868	RpcSs - ok
23:40:03.0891 3868	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:40:03.0998 3868	rspndr - ok
23:40:04.0066 3868	RSUSBSTOR       (135a64530d7699ad48f29d73a658dd11) C:\Windows\System32\Drivers\RtsUStor.sys
23:40:04.0112 3868	RSUSBSTOR - ok
23:40:04.0200 3868	RS_Service      (7cb9f0fdd730f4a4ecf6cde15ea12e8a) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
23:40:04.0258 3868	RS_Service - ok
23:40:04.0299 3868	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:40:04.0336 3868	SamSs - ok
23:40:04.0366 3868	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:40:04.0405 3868	sbp2port - ok
23:40:04.0455 3868	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:40:04.0584 3868	SCardSvr - ok
23:40:04.0612 3868	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:40:04.0724 3868	scfilter - ok
23:40:04.0853 3868	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:40:05.0025 3868	Schedule - ok
23:40:05.0066 3868	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:40:05.0169 3868	SCPolicySvc - ok
23:40:05.0207 3868	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:40:05.0281 3868	SDRSVC - ok
23:40:05.0394 3868	SeaPort         (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:40:05.0461 3868	SeaPort - ok
23:40:05.0524 3868	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:40:05.0660 3868	secdrv - ok
23:40:05.0706 3868	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:40:05.0812 3868	seclogon - ok
23:40:05.0847 3868	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:40:05.0987 3868	SENS - ok
23:40:06.0012 3868	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:40:06.0104 3868	SensrSvc - ok
23:40:06.0147 3868	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:40:06.0200 3868	Serenum - ok
23:40:06.0232 3868	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:40:06.0309 3868	Serial - ok
23:40:06.0347 3868	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:40:06.0425 3868	sermouse - ok
23:40:06.0489 3868	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:40:06.0688 3868	SessionEnv - ok
23:40:06.0760 3868	sesvc           (4c99e251d89c95dcaaa26f9243747c99) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
23:40:06.0784 3868	sesvc ( UnsignedFile.Multi.Generic ) - warning
23:40:06.0784 3868	sesvc - detected UnsignedFile.Multi.Generic (1)
23:40:06.0799 3868	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:40:06.0857 3868	sffdisk - ok
23:40:06.0890 3868	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:40:06.0966 3868	sffp_mmc - ok
23:40:06.0979 3868	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:40:07.0043 3868	sffp_sd - ok
23:40:07.0056 3868	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:40:07.0120 3868	sfloppy - ok
23:40:07.0217 3868	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:40:07.0383 3868	SharedAccess - ok
23:40:07.0445 3868	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:40:07.0607 3868	ShellHWDetection - ok
23:40:07.0631 3868	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:40:07.0666 3868	SiSRaid2 - ok
23:40:07.0695 3868	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:40:07.0732 3868	SiSRaid4 - ok
23:40:07.0764 3868	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:40:07.0905 3868	Smb - ok
23:40:07.0956 3868	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:40:07.0999 3868	SNMPTRAP - ok
23:40:08.0023 3868	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:40:08.0056 3868	spldr - ok
23:40:08.0132 3868	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:40:08.0287 3868	Spooler - ok
23:40:08.0689 3868	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:40:09.0009 3868	sppsvc - ok
23:40:09.0134 3868	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:40:09.0252 3868	sppuinotify - ok
23:40:09.0335 3868	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:40:09.0454 3868	srv - ok
23:40:09.0513 3868	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:40:09.0578 3868	srv2 - ok
23:40:09.0609 3868	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:40:09.0686 3868	srvnet - ok
23:40:09.0751 3868	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:40:10.0044 3868	SSDPSRV - ok
23:40:10.0137 3868	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:40:10.0515 3868	SstpSvc - ok
23:40:10.0555 3868	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:40:10.0590 3868	stexstor - ok
23:40:10.0680 3868	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:40:10.0777 3868	stisvc - ok
23:40:10.0801 3868	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:40:10.0834 3868	swenum - ok
23:40:10.0892 3868	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:40:11.0045 3868	swprv - ok
23:40:11.0211 3868	SynTP           (02364d8be46a51361b0905736c3f7438) C:\Windows\system32\DRIVERS\SynTP.sys
23:40:11.0327 3868	SynTP - ok
23:40:11.0594 3868	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:40:11.0797 3868	SysMain - ok
23:40:11.0908 3868	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:40:11.0969 3868	TabletInputService - ok
23:40:12.0020 3868	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:40:12.0187 3868	TapiSrv - ok
23:40:12.0220 3868	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:40:12.0354 3868	TBS - ok
23:40:12.0565 3868	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:40:12.0705 3868	Tcpip - ok
23:40:13.0036 3868	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:40:13.0159 3868	TCPIP6 - ok
23:40:13.0286 3868	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:40:13.0416 3868	tcpipreg - ok
23:40:13.0463 3868	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:40:13.0517 3868	TDPIPE - ok
23:40:13.0559 3868	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:40:13.0596 3868	TDTCP - ok
23:40:13.0639 3868	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:40:13.0777 3868	tdx - ok
23:40:13.0823 3868	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:40:13.0870 3868	TermDD - ok
23:40:13.0955 3868	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:40:14.0111 3868	TermService - ok
23:40:14.0136 3868	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:40:14.0192 3868	Themes - ok
23:40:14.0223 3868	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:40:14.0332 3868	THREADORDER - ok
23:40:14.0359 3868	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:40:14.0486 3868	TrkWks - ok
23:40:14.0561 3868	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:40:14.0698 3868	TrustedInstaller - ok
23:40:14.0728 3868	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:40:14.0842 3868	tssecsrv - ok
23:40:14.0876 3868	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:40:14.0932 3868	TsUsbFlt - ok
23:40:14.0954 3868	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:40:14.0988 3868	TsUsbGD - ok
23:40:15.0020 3868	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:40:15.0152 3868	tunnel - ok
23:40:15.0169 3868	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:40:15.0204 3868	uagp35 - ok
23:40:15.0246 3868	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:40:15.0375 3868	udfs - ok
23:40:15.0424 3868	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:40:15.0467 3868	UI0Detect - ok
23:40:15.0485 3868	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:40:15.0526 3868	uliagpkx - ok
23:40:15.0567 3868	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:40:15.0618 3868	umbus - ok
23:40:15.0629 3868	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:40:15.0677 3868	UmPass - ok
23:40:15.0733 3868	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:40:15.0884 3868	upnphost - ok
23:40:15.0930 3868	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:40:15.0991 3868	usbccgp - ok
23:40:16.0035 3868	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:40:16.0096 3868	usbcir - ok
23:40:16.0146 3868	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:40:16.0219 3868	usbehci - ok
23:40:16.0259 3868	usbfilter       (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
23:40:16.0289 3868	usbfilter - ok
23:40:16.0372 3868	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:40:16.0447 3868	usbhub - ok
23:40:16.0486 3868	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
23:40:16.0538 3868	usbohci - ok
23:40:16.0577 3868	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:40:16.0628 3868	usbprint - ok
23:40:16.0668 3868	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:40:16.0713 3868	usbscan - ok
23:40:16.0751 3868	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:40:16.0825 3868	USBSTOR - ok
23:40:16.0862 3868	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:40:16.0904 3868	usbuhci - ok
23:40:16.0946 3868	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
23:40:17.0002 3868	usbvideo - ok
23:40:17.0042 3868	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:40:17.0162 3868	UxSms - ok
23:40:17.0205 3868	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:40:17.0254 3868	VaultSvc - ok
23:40:17.0313 3868	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:40:17.0355 3868	vdrvroot - ok
23:40:17.0416 3868	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:40:17.0560 3868	vds - ok
23:40:17.0587 3868	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:40:17.0630 3868	vga - ok
23:40:17.0655 3868	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:40:17.0769 3868	VgaSave - ok
23:40:17.0804 3868	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:40:17.0858 3868	vhdmp - ok
23:40:17.0878 3868	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:40:17.0912 3868	viaide - ok
23:40:17.0931 3868	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:40:17.0966 3868	volmgr - ok
23:40:18.0017 3868	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:40:18.0081 3868	volmgrx - ok
23:40:18.0116 3868	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:40:18.0164 3868	volsnap - ok
23:40:18.0203 3868	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:40:18.0250 3868	vsmraid - ok
23:40:18.0404 3868	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:40:18.0610 3868	VSS - ok
23:40:18.0764 3868	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:40:18.0831 3868	vwifibus - ok
23:40:18.0877 3868	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:40:18.0955 3868	vwififlt - ok
23:40:19.0019 3868	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:40:19.0158 3868	W32Time - ok
23:40:19.0190 3868	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:40:19.0262 3868	WacomPen - ok
23:40:19.0391 3868	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:40:19.0517 3868	WANARP - ok
23:40:19.0525 3868	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:40:19.0626 3868	Wanarpv6 - ok
23:40:20.0369 3868	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:40:20.0512 3868	wbengine - ok
23:40:20.0643 3868	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:40:20.0726 3868	WbioSrvc - ok
23:40:20.0780 3868	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:40:20.0887 3868	wcncsvc - ok
23:40:20.0911 3868	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:40:20.0979 3868	WcsPlugInService - ok
23:40:21.0030 3868	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:40:21.0072 3868	Wd - ok
23:40:21.0150 3868	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:40:21.0243 3868	Wdf01000 - ok
23:40:21.0467 3868	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:40:21.0619 3868	WdiServiceHost - ok
23:40:21.0629 3868	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:40:21.0689 3868	WdiSystemHost - ok
23:40:21.0760 3868	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:40:21.0850 3868	WebClient - ok
23:40:21.0942 3868	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:40:22.0092 3868	Wecsvc - ok
23:40:22.0133 3868	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:40:22.0282 3868	wercplsupport - ok
23:40:22.0325 3868	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:40:22.0452 3868	WerSvc - ok
23:40:22.0518 3868	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:40:22.0629 3868	WfpLwf - ok
23:40:22.0654 3868	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:40:22.0688 3868	WIMMount - ok
23:40:22.0734 3868	WinDefend - ok
23:40:22.0754 3868	WinHttpAutoProxySvc - ok
23:40:22.0823 3868	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:40:22.0974 3868	Winmgmt - ok
23:40:23.0163 3868	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:40:23.0455 3868	WinRM - ok
23:40:23.0838 3868	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:40:23.0999 3868	Wlansvc - ok
23:40:24.0110 3868	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:40:24.0160 3868	wlcrasvc - ok
23:40:24.0373 3868	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:40:24.0540 3868	wlidsvc - ok
23:40:24.0652 3868	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:40:24.0705 3868	WmiAcpi - ok
23:40:24.0767 3868	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:40:24.0842 3868	wmiApSrv - ok
23:40:24.0914 3868	WMPNetworkSvc - ok
23:40:24.0963 3868	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:40:25.0018 3868	WPCSvc - ok
23:40:25.0041 3868	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:40:25.0117 3868	WPDBusEnum - ok
23:40:25.0145 3868	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:40:25.0257 3868	ws2ifsl - ok
23:40:25.0351 3868	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
23:40:25.0450 3868	wscsvc - ok
23:40:25.0460 3868	WSearch - ok
23:40:25.0716 3868	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
23:40:26.0098 3868	wuauserv - ok
23:40:26.0283 3868	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:40:26.0415 3868	WudfPf - ok
23:40:26.0466 3868	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:40:26.0581 3868	WUDFRd - ok
23:40:26.0611 3868	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:40:26.0734 3868	wudfsvc - ok
23:40:26.0773 3868	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:40:26.0846 3868	WwanSvc - ok
23:40:26.0896 3868	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:40:27.0468 3868	\Device\Harddisk0\DR0 - ok
23:40:27.0478 3868	Boot (0x1200)   (4c55c7c8406f8445488da0c279a80d68) \Device\Harddisk0\DR0\Partition0
23:40:27.0483 3868	\Device\Harddisk0\DR0\Partition0 - ok
23:40:27.0543 3868	Boot (0x1200)   (27fbe250173647bfccf03c6e08bb58f0) \Device\Harddisk0\DR0\Partition1
23:40:27.0548 3868	\Device\Harddisk0\DR0\Partition1 - ok
23:40:27.0550 3868	============================================================
23:40:27.0550 3868	Scan finished
23:40:27.0550 3868	============================================================
23:40:27.0591 3216	Detected object count: 1
23:40:27.0591 3216	Actual detected object count: 1
23:41:07.0081 3216	sesvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:41:07.0081 3216	sesvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:41:21.0762 2448	============================================================
23:41:21.0762 2448	Scan started
23:41:21.0762 2448	Mode: Manual; SigCheck; TDLFS; 
23:41:21.0762 2448	============================================================
23:41:22.0285 2448	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
23:41:22.0362 2448	1394ohci - ok
23:41:22.0414 2448	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
23:41:22.0460 2448	ACPI - ok
23:41:22.0473 2448	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
23:41:22.0516 2448	AcpiPmi - ok
23:41:22.0599 2448	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:41:22.0638 2448	AdobeARMservice - ok
23:41:22.0761 2448	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:41:22.0808 2448	AdobeFlashPlayerUpdateSvc - ok
23:41:22.0883 2448	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
23:41:22.0947 2448	adp94xx - ok
23:41:23.0002 2448	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
23:41:23.0049 2448	adpahci - ok
23:41:23.0081 2448	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
23:41:23.0120 2448	adpu320 - ok
23:41:23.0161 2448	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:41:23.0268 2448	AeLookupSvc - ok
23:41:23.0355 2448	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
23:41:23.0402 2448	AFD - ok
23:41:23.0421 2448	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:41:23.0454 2448	agp440 - ok
23:41:23.0485 2448	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:41:23.0522 2448	ALG - ok
23:41:23.0535 2448	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:41:23.0567 2448	aliide - ok
23:41:23.0605 2448	AMD External Events Utility (0497e13936e43065c85be3c9cdc0258b) C:\Windows\system32\atiesrxx.exe
23:41:23.0653 2448	AMD External Events Utility - ok
23:41:23.0665 2448	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:41:23.0696 2448	amdide - ok
23:41:23.0714 2448	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
23:41:23.0750 2448	AmdK8 - ok
23:41:24.0373 2448	amdkmdag        (679999d8808c1784dcb9bd59c19ae32f) C:\Windows\system32\DRIVERS\atikmdag.sys
23:41:24.0658 2448	amdkmdag - ok
23:41:24.0951 2448	amdkmdap        (a4769eaf3936da861b9b1c9e5bd2fc52) C:\Windows\system32\DRIVERS\atikmpag.sys
23:41:25.0004 2448	amdkmdap - ok
23:41:25.0033 2448	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:41:25.0069 2448	AmdPPM - ok
23:41:25.0152 2448	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
23:41:25.0197 2448	amdsata - ok
23:41:25.0234 2448	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
23:41:25.0273 2448	amdsbs - ok
23:41:25.0301 2448	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
23:41:25.0334 2448	amdxata - ok
23:41:25.0414 2448	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:41:25.0448 2448	AntiVirSchedulerService - ok
23:41:25.0478 2448	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:41:25.0508 2448	AntiVirService - ok
23:41:25.0527 2448	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
23:41:25.0626 2448	AppID - ok
23:41:25.0661 2448	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:41:25.0763 2448	AppIDSvc - ok
23:41:25.0785 2448	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
23:41:25.0885 2448	Appinfo - ok
23:41:25.0905 2448	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
23:41:25.0940 2448	arc - ok
23:41:25.0960 2448	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
23:41:25.0996 2448	arcsas - ok
23:41:26.0008 2448	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:41:26.0114 2448	AsyncMac - ok
23:41:26.0141 2448	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:41:26.0174 2448	atapi - ok
23:41:26.0212 2448	AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
23:41:26.0270 2448	AtiHDAudioService - ok
23:41:26.0342 2448	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:41:26.0479 2448	AudioEndpointBuilder - ok
23:41:26.0498 2448	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:41:26.0616 2448	AudioSrv - ok
23:41:26.0643 2448	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
23:41:26.0675 2448	avgntflt - ok
23:41:26.0707 2448	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
23:41:26.0741 2448	avipbb - ok
23:41:26.0759 2448	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
23:41:26.0789 2448	avkmgr - ok
23:41:26.0812 2448	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
23:41:26.0864 2448	AxInstSV - ok
23:41:26.0918 2448	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
23:41:26.0990 2448	b06bdrv - ok
23:41:27.0034 2448	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:41:27.0079 2448	b57nd60a - ok
23:41:27.0172 2448	BBSvc           (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
23:41:27.0224 2448	BBSvc - ok
23:41:27.0623 2448	BCM43XX         (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
23:41:27.0933 2448	BCM43XX - ok
23:41:28.0067 2448	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:41:28.0121 2448	BDESVC - ok
23:41:28.0153 2448	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:41:28.0264 2448	Beep - ok
23:41:28.0348 2448	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
23:41:28.0491 2448	BFE - ok
23:41:28.0584 2448	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
23:41:28.0740 2448	BITS - ok
23:41:28.0767 2448	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
23:41:28.0805 2448	blbdrive - ok
23:41:28.0842 2448	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
23:41:28.0887 2448	bowser - ok
23:41:28.0902 2448	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
23:41:28.0946 2448	BrFiltLo - ok
23:41:28.0956 2448	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
23:41:29.0001 2448	BrFiltUp - ok
23:41:29.0028 2448	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
23:41:29.0131 2448	Browser - ok
23:41:29.0169 2448	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
23:41:29.0226 2448	Brserid - ok
23:41:29.0239 2448	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:41:29.0284 2448	BrSerWdm - ok
23:41:29.0295 2448	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:41:29.0339 2448	BrUsbMdm - ok
23:41:29.0353 2448	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
23:41:29.0386 2448	BrUsbSer - ok
23:41:29.0406 2448	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
23:41:29.0451 2448	BTHMODEM - ok
23:41:29.0484 2448	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:41:29.0591 2448	bthserv - ok
23:41:29.0624 2448	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:41:29.0729 2448	cdfs - ok
23:41:29.0756 2448	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
23:41:29.0796 2448	cdrom - ok
23:41:29.0821 2448	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:41:29.0924 2448	CertPropSvc - ok
23:41:29.0940 2448	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
23:41:29.0985 2448	circlass - ok
23:41:30.0027 2448	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:41:30.0090 2448	CLFS - ok
23:41:30.0176 2448	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:41:30.0216 2448	clr_optimization_v2.0.50727_32 - ok
23:41:30.0268 2448	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:41:30.0308 2448	clr_optimization_v2.0.50727_64 - ok
23:41:30.0372 2448	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:41:30.0413 2448	clr_optimization_v4.0.30319_32 - ok
23:41:30.0460 2448	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:41:30.0495 2448	clr_optimization_v4.0.30319_64 - ok
23:41:30.0522 2448	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
23:41:30.0558 2448	CmBatt - ok
23:41:30.0582 2448	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:41:30.0616 2448	cmdide - ok
23:41:30.0691 2448	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
23:41:30.0775 2448	CNG - ok
23:41:30.0935 2448	CnxtHdAudService (64ee11cbf385ca6f170fbe93b329b4e0) C:\Windows\system32\drivers\CHDRT64.sys
23:41:31.0058 2448	CnxtHdAudService - ok
23:41:31.0174 2448	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
23:41:31.0219 2448	Compbatt - ok
23:41:31.0241 2448	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
23:41:31.0285 2448	CompositeBus - ok
23:41:31.0296 2448	COMSysApp - ok
23:41:31.0320 2448	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
23:41:31.0356 2448	crcdisk - ok
23:41:31.0417 2448	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
23:41:31.0456 2448	CryptSvc - ok
23:41:31.0500 2448	CxAudMsg        (9d0d050170d47e778b624a28c90f23de) C:\Windows\system32\CxAudMsg64.exe
23:41:31.0549 2448	CxAudMsg - ok
23:41:31.0629 2448	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:41:31.0749 2448	DcomLaunch - ok
23:41:31.0804 2448	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:41:31.0924 2448	defragsvc - ok
23:41:31.0957 2448	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
23:41:32.0061 2448	DfsC - ok
23:41:32.0099 2448	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
23:41:32.0217 2448	Dhcp - ok
23:41:32.0237 2448	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:41:32.0344 2448	discache - ok
23:41:32.0368 2448	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
23:41:32.0404 2448	Disk - ok
23:41:32.0456 2448	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
23:41:32.0504 2448	Dnscache - ok
23:41:32.0545 2448	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
23:41:32.0665 2448	dot3svc - ok
23:41:32.0700 2448	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
23:41:32.0813 2448	DPS - ok
23:41:32.0833 2448	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:41:32.0875 2448	drmkaud - ok
23:41:32.0983 2448	DsiWMIService   (4ab2a58816cc6be771f1d8c768b804c5) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
23:41:33.0054 2448	DsiWMIService - ok
23:41:33.0152 2448	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
23:41:33.0247 2448	DXGKrnl - ok
23:41:33.0279 2448	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:41:33.0390 2448	EapHost - ok
23:41:33.0678 2448	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
23:41:33.0882 2448	ebdrv - ok
23:41:34.0002 2448	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
23:41:34.0044 2448	EFS - ok
23:41:34.0128 2448	EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
23:41:34.0187 2448	EgisTec Ticket Service - ok
23:41:34.0304 2448	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
23:41:34.0389 2448	ehRecvr - ok
23:41:34.0427 2448	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:41:34.0484 2448	ehSched - ok
23:41:34.0567 2448	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
23:41:34.0638 2448	elxstor - ok
23:41:34.0751 2448	ePowerSvc       (753fad8fd476116fa93799b0db77702b) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
23:41:34.0830 2448	ePowerSvc - ok
23:41:34.0921 2448	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:41:34.0958 2448	ErrDev - ok
23:41:35.0031 2448	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:41:35.0161 2448	EventSystem - ok
23:41:35.0202 2448	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:41:35.0323 2448	exfat - ok
23:41:35.0367 2448	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:41:35.0481 2448	fastfat - ok
23:41:35.0555 2448	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
23:41:35.0627 2448	Fax - ok
23:41:35.0641 2448	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
23:41:35.0678 2448	fdc - ok
23:41:35.0702 2448	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:41:35.0807 2448	fdPHost - ok
23:41:35.0827 2448	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:41:35.0935 2448	FDResPub - ok
23:41:35.0956 2448	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:41:35.0992 2448	FileInfo - ok
23:41:36.0014 2448	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:41:36.0119 2448	Filetrace - ok
23:41:36.0133 2448	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
23:41:36.0168 2448	flpydisk - ok
23:41:36.0214 2448	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
23:41:36.0279 2448	FltMgr - ok
23:41:36.0391 2448	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
23:41:36.0491 2448	FontCache - ok
23:41:36.0569 2448	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:41:36.0606 2448	FontCache3.0.0.0 - ok
23:41:36.0651 2448	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:41:36.0694 2448	FsDepends - ok
23:41:36.0738 2448	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
23:41:36.0779 2448	Fs_Rec - ok
23:41:36.0820 2448	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:41:36.0880 2448	fvevol - ok
23:41:36.0908 2448	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
23:41:36.0943 2448	gagp30kx - ok
23:41:37.0028 2448	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
23:41:37.0167 2448	gpsvc - ok
23:41:37.0231 2448	GREGService     (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
23:41:37.0262 2448	GREGService - ok
23:41:37.0315 2448	gupdate         (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:41:37.0357 2448	gupdate - ok
23:41:37.0367 2448	gupdatem        (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:41:37.0396 2448	gupdatem - ok
23:41:37.0416 2448	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:41:37.0451 2448	hcw85cir - ok
23:41:37.0492 2448	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:41:37.0559 2448	HdAudAddService - ok
23:41:37.0586 2448	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:41:37.0644 2448	HDAudBus - ok
23:41:37.0659 2448	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
23:41:37.0695 2448	HidBatt - ok
23:41:37.0716 2448	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
23:41:37.0761 2448	HidBth - ok
23:41:37.0777 2448	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
23:41:37.0821 2448	HidIr - ok
23:41:37.0837 2448	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:41:37.0944 2448	hidserv - ok
23:41:37.0959 2448	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:41:37.0995 2448	HidUsb - ok
23:41:38.0018 2448	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
23:41:38.0133 2448	hkmsvc - ok
23:41:38.0166 2448	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
23:41:38.0237 2448	HomeGroupListener - ok
23:41:38.0281 2448	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
23:41:38.0336 2448	HomeGroupProvider - ok
23:41:38.0356 2448	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:41:38.0392 2448	HpSAMD - ok
23:41:38.0472 2448	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:41:38.0612 2448	HTTP - ok
23:41:38.0631 2448	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:41:38.0664 2448	hwpolicy - ok
23:41:38.0702 2448	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
23:41:38.0740 2448	i8042prt - ok
23:41:38.0811 2448	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:41:38.0874 2448	iaStorV - ok
23:41:39.0003 2448	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:41:39.0086 2448	idsvc - ok
23:41:39.0116 2448	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
23:41:39.0151 2448	iirsp - ok
23:41:39.0252 2448	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
23:41:39.0396 2448	IKEEXT - ok
23:41:39.0416 2448	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:41:39.0451 2448	intelide - ok
23:41:39.0468 2448	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
23:41:39.0504 2448	intelppm - ok
23:41:39.0535 2448	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:41:39.0652 2448	IPBusEnum - ok
23:41:39.0673 2448	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:41:39.0778 2448	IpFilterDriver - ok
23:41:39.0843 2448	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
23:41:39.0975 2448	iphlpsvc - ok
23:41:39.0994 2448	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:41:40.0032 2448	IPMIDRV - ok
23:41:40.0055 2448	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:41:40.0168 2448	IPNAT - ok
23:41:40.0194 2448	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:41:40.0244 2448	IRENUM - ok
23:41:40.0257 2448	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:41:40.0290 2448	isapnp - ok
23:41:40.0329 2448	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:41:40.0386 2448	iScsiPrt - ok
23:41:40.0412 2448	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:41:40.0448 2448	kbdclass - ok
23:41:40.0463 2448	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
23:41:40.0499 2448	kbdhid - ok
23:41:40.0542 2448	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:40.0575 2448	KeyIso - ok
23:41:40.0600 2448	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
23:41:40.0637 2448	KSecDD - ok
23:41:40.0665 2448	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
23:41:40.0714 2448	KSecPkg - ok
23:41:40.0735 2448	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:41:40.0839 2448	ksthunk - ok
23:41:40.0895 2448	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:41:41.0028 2448	KtmRm - ok
23:41:41.0060 2448	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
23:41:41.0091 2448	L1C - ok
23:41:41.0141 2448	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
23:41:41.0268 2448	LanmanServer - ok
23:41:41.0294 2448	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
23:41:41.0409 2448	LanmanWorkstation - ok
23:41:41.0505 2448	Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
23:41:41.0561 2448	Live Updater Service - ok
23:41:41.0604 2448	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:41:41.0721 2448	lltdio - ok
23:41:41.0782 2448	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:41:41.0906 2448	lltdsvc - ok
23:41:41.0930 2448	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:41:42.0038 2448	lmhosts - ok
23:41:42.0072 2448	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
23:41:42.0110 2448	LSI_FC - ok
23:41:42.0135 2448	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
23:41:42.0172 2448	LSI_SAS - ok
23:41:42.0190 2448	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
23:41:42.0226 2448	LSI_SAS2 - ok
23:41:42.0250 2448	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
23:41:42.0288 2448	LSI_SCSI - ok
23:41:42.0316 2448	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:41:42.0433 2448	luafv - ok
23:41:42.0467 2448	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
23:41:42.0502 2448	MBAMProtector - ok
23:41:42.0592 2448	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:41:42.0679 2448	MBAMService - ok
23:41:42.0788 2448	McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
23:41:42.0833 2448	McComponentHostService - ok
23:41:42.0869 2448	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
23:41:42.0921 2448	Mcx2Svc - ok
23:41:42.0946 2448	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
23:41:42.0982 2448	megasas - ok
23:41:43.0028 2448	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
23:41:43.0081 2448	MegaSR - ok
23:41:43.0113 2448	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:41:43.0224 2448	MMCSS - ok
23:41:43.0244 2448	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:41:43.0352 2448	Modem - ok
23:41:43.0379 2448	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:41:43.0421 2448	monitor - ok
23:41:43.0442 2448	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:41:43.0478 2448	mouclass - ok
23:41:43.0492 2448	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:41:43.0530 2448	mouhid - ok
23:41:43.0555 2448	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:41:43.0592 2448	mountmgr - ok
23:41:43.0650 2448	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:41:43.0697 2448	MozillaMaintenance - ok
23:41:43.0727 2448	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:41:43.0767 2448	mpio - ok
23:41:43.0793 2448	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:41:43.0900 2448	mpsdrv - ok
23:41:43.0991 2448	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
23:41:44.0135 2448	MpsSvc - ok
23:41:44.0164 2448	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:41:44.0218 2448	MRxDAV - ok
23:41:44.0259 2448	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:41:44.0321 2448	mrxsmb - ok
23:41:44.0369 2448	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:41:44.0423 2448	mrxsmb10 - ok
23:41:44.0464 2448	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:41:44.0511 2448	mrxsmb20 - ok
23:41:44.0538 2448	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:41:44.0573 2448	msahci - ok
23:41:44.0601 2448	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:41:44.0650 2448	msdsm - ok
23:41:44.0681 2448	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:41:44.0732 2448	MSDTC - ok
23:41:44.0772 2448	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:41:44.0877 2448	Msfs - ok
23:41:44.0896 2448	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:41:45.0000 2448	mshidkmdf - ok
23:41:45.0019 2448	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:41:45.0054 2448	msisadrv - ok
23:41:45.0086 2448	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:41:45.0204 2448	MSiSCSI - ok
23:41:45.0215 2448	msiserver - ok
23:41:45.0233 2448	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:41:45.0336 2448	MSKSSRV - ok
23:41:45.0346 2448	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:41:45.0451 2448	MSPCLOCK - ok
23:41:45.0462 2448	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:41:45.0567 2448	MSPQM - ok
23:41:45.0618 2448	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:41:45.0684 2448	MsRPC - ok
23:41:45.0715 2448	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:41:45.0749 2448	mssmbios - ok
23:41:45.0775 2448	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:41:45.0880 2448	MSTEE - ok
23:41:45.0892 2448	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:41:45.0927 2448	MTConfig - ok
23:41:45.0952 2448	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:41:45.0988 2448	Mup - ok
23:41:46.0007 2448	mwlPSDFilter    (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:41:46.0037 2448	mwlPSDFilter - ok
23:41:46.0061 2448	mwlPSDNServ     (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:41:46.0090 2448	mwlPSDNServ - ok
23:41:46.0116 2448	mwlPSDVDisk     (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:41:46.0147 2448	mwlPSDVDisk - ok
23:41:46.0215 2448	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:41:46.0352 2448	napagent - ok
23:41:46.0402 2448	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:41:46.0470 2448	NativeWifiP - ok
23:41:46.0598 2448	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:41:46.0677 2448	NDIS - ok
23:41:46.0703 2448	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:41:46.0809 2448	NdisCap - ok
23:41:46.0831 2448	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:41:46.0936 2448	NdisTapi - ok
23:41:46.0960 2448	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:41:47.0062 2448	Ndisuio - ok
23:41:47.0096 2448	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:41:47.0210 2448	NdisWan - ok
23:41:47.0239 2448	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:41:47.0344 2448	NDProxy - ok
23:41:47.0370 2448	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:41:47.0476 2448	NetBIOS - ok
23:41:47.0516 2448	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:41:47.0637 2448	NetBT - ok
23:41:47.0676 2448	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:47.0711 2448	Netlogon - ok
23:41:47.0763 2448	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:41:47.0896 2448	Netman - ok
23:41:47.0946 2448	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:41:48.0069 2448	netprofm - ok
23:41:48.0147 2448	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:41:48.0180 2448	NetTcpPortSharing - ok
23:41:48.0212 2448	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:41:48.0247 2448	nfrd960 - ok
23:41:48.0296 2448	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:41:48.0415 2448	NlaSvc - ok
23:41:48.0435 2448	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:41:48.0542 2448	Npfs - ok
23:41:48.0572 2448	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:41:48.0681 2448	nsi - ok
23:41:48.0697 2448	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:41:48.0802 2448	nsiproxy - ok
23:41:48.0982 2448	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:41:49.0117 2448	Ntfs - ok
23:41:49.0220 2448	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:41:49.0335 2448	Null - ok
23:41:49.0384 2448	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:41:49.0431 2448	nvraid - ok
23:41:49.0463 2448	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:41:49.0513 2448	nvstor - ok
23:41:49.0543 2448	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:41:49.0581 2448	nv_agp - ok
23:41:49.0691 2448	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:41:49.0752 2448	odserv - ok
23:41:49.0773 2448	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:41:49.0811 2448	ohci1394 - ok
23:41:49.0847 2448	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:41:49.0893 2448	ose - ok
23:41:49.0951 2448	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:41:50.0020 2448	p2pimsvc - ok
23:41:50.0070 2448	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:41:50.0130 2448	p2psvc - ok
23:41:50.0157 2448	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:41:50.0208 2448	Parport - ok
23:41:50.0260 2448	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:41:50.0296 2448	partmgr - ok
23:41:50.0325 2448	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:41:50.0397 2448	PcaSvc - ok
23:41:50.0429 2448	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:41:50.0483 2448	pci - ok
23:41:50.0496 2448	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:41:50.0529 2448	pciide - ok
23:41:50.0573 2448	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:41:50.0617 2448	pcmcia - ok
23:41:50.0647 2448	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:41:50.0683 2448	pcw - ok
23:41:50.0752 2448	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:41:50.0885 2448	PEAUTH - ok
23:41:50.0972 2448	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:41:51.0013 2448	PerfHost - ok
23:41:51.0163 2448	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:41:51.0331 2448	pla - ok
23:41:51.0399 2448	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:41:51.0458 2448	PlugPlay - ok
23:41:51.0481 2448	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:41:51.0519 2448	PNRPAutoReg - ok
23:41:51.0567 2448	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:41:51.0613 2448	PNRPsvc - ok
23:41:51.0691 2448	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:41:51.0828 2448	PolicyAgent - ok
23:41:51.0867 2448	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:41:51.0980 2448	Power - ok
23:41:52.0046 2448	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:41:52.0151 2448	PptpMiniport - ok
23:41:52.0182 2448	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:41:52.0221 2448	Processor - ok
23:41:52.0266 2448	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:41:52.0318 2448	ProfSvc - ok
23:41:52.0360 2448	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:52.0395 2448	ProtectedStorage - ok
23:41:52.0423 2448	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:41:52.0537 2448	Psched - ok
23:41:52.0675 2448	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:41:52.0800 2448	ql2300 - ok
23:41:52.0897 2448	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:41:52.0935 2448	ql40xx - ok
23:41:52.0984 2448	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:41:53.0055 2448	QWAVE - ok
23:41:53.0079 2448	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:41:53.0131 2448	QWAVEdrv - ok
23:41:53.0141 2448	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:41:53.0249 2448	RasAcd - ok
23:41:53.0276 2448	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:41:53.0381 2448	RasAgileVpn - ok
23:41:53.0406 2448	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:41:53.0525 2448	RasAuto - ok
23:41:53.0552 2448	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:41:53.0665 2448	Rasl2tp - ok
23:41:53.0710 2448	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:41:53.0840 2448	RasMan - ok
23:41:53.0870 2448	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:41:53.0990 2448	RasPppoe - ok
23:41:54.0017 2448	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:41:54.0121 2448	RasSstp - ok
23:41:54.0165 2448	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:41:54.0294 2448	rdbss - ok
23:41:54.0322 2448	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:41:54.0366 2448	rdpbus - ok
23:41:54.0385 2448	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:41:54.0488 2448	RDPCDD - ok
23:41:54.0514 2448	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:41:54.0618 2448	RDPENCDD - ok
23:41:54.0643 2448	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:41:54.0750 2448	RDPREFMP - ok
23:41:54.0793 2448	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:41:54.0858 2448	RDPWD - ok
23:41:54.0896 2448	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:41:54.0937 2448	rdyboost - ok
23:41:54.0976 2448	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:41:55.0096 2448	RemoteAccess - ok
23:41:55.0142 2448	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:41:55.0271 2448	RemoteRegistry - ok
23:41:55.0296 2448	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:41:55.0405 2448	RpcEptMapper - ok
23:41:55.0429 2448	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:41:55.0470 2448	RpcLocator - ok
23:41:55.0527 2448	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:41:55.0646 2448	RpcSs - ok
23:41:55.0668 2448	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:41:55.0777 2448	rspndr - ok
23:41:55.0830 2448	RSUSBSTOR       (135a64530d7699ad48f29d73a658dd11) C:\Windows\System32\Drivers\RtsUStor.sys
23:41:55.0885 2448	RSUSBSTOR - ok
23:41:55.0959 2448	RS_Service      (7cb9f0fdd730f4a4ecf6cde15ea12e8a) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
23:41:56.0014 2448	RS_Service - ok
23:41:56.0054 2448	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:41:56.0087 2448	SamSs - ok
23:41:56.0121 2448	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:41:56.0159 2448	sbp2port - ok
23:41:56.0200 2448	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:41:56.0325 2448	SCardSvr - ok
23:41:56.0346 2448	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:41:56.0447 2448	scfilter - ok
23:41:56.0553 2448	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:41:56.0712 2448	Schedule - ok
23:41:56.0754 2448	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:41:56.0858 2448	SCPolicySvc - ok
23:41:56.0891 2448	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:41:56.0945 2448	SDRSVC - ok
23:41:57.0040 2448	SeaPort         (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:41:57.0106 2448	SeaPort - ok
23:41:57.0168 2448	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:41:57.0275 2448	secdrv - ok
23:41:57.0318 2448	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:41:57.0426 2448	seclogon - ok
23:41:57.0449 2448	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:41:57.0572 2448	SENS - ok
23:41:57.0596 2448	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:41:57.0633 2448	SensrSvc - ok
23:41:57.0660 2448	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:41:57.0696 2448	Serenum - ok
23:41:57.0716 2448	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:41:57.0755 2448	Serial - ok
23:41:57.0769 2448	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:41:57.0805 2448	sermouse - ok
23:41:57.0854 2448	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:41:57.0961 2448	SessionEnv - ok
23:41:57.0999 2448	sesvc           (4c99e251d89c95dcaaa26f9243747c99) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
23:41:58.0011 2448	sesvc ( UnsignedFile.Multi.Generic ) - warning
23:41:58.0011 2448	sesvc - detected UnsignedFile.Multi.Generic (1)
23:41:58.0024 2448	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:41:58.0067 2448	sffdisk - ok
23:41:58.0092 2448	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:41:58.0136 2448	sffp_mmc - ok
23:41:58.0149 2448	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:41:58.0191 2448	sffp_sd - ok
23:41:58.0203 2448	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:41:58.0238 2448	sfloppy - ok
23:41:58.0293 2448	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:41:58.0429 2448	SharedAccess - ok
23:41:58.0481 2448	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:41:58.0610 2448	ShellHWDetection - ok
23:41:58.0627 2448	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:41:58.0662 2448	SiSRaid2 - ok
23:41:58.0682 2448	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:41:58.0718 2448	SiSRaid4 - ok
23:41:58.0738 2448	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:41:58.0845 2448	Smb - ok
23:41:58.0886 2448	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:41:58.0927 2448	SNMPTRAP - ok
23:41:58.0939 2448	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:41:58.0973 2448	spldr - ok
23:41:59.0041 2448	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:41:59.0192 2448	Spooler - ok
23:41:59.0512 2448	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:41:59.0783 2448	sppsvc - ok
23:41:59.0900 2448	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:42:00.0027 2448	sppuinotify - ok
23:42:00.0112 2448	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:42:00.0177 2448	srv - ok
23:42:00.0239 2448	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:42:00.0286 2448	srv2 - ok
23:42:00.0319 2448	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:42:00.0365 2448	srvnet - ok
23:42:00.0401 2448	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:42:00.0526 2448	SSDPSRV - ok
23:42:00.0551 2448	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:42:00.0672 2448	SstpSvc - ok
23:42:00.0705 2448	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:42:00.0739 2448	stexstor - ok
23:42:00.0819 2448	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:42:00.0904 2448	stisvc - ok
23:42:00.0928 2448	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:42:00.0962 2448	swenum - ok
23:42:01.0020 2448	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:42:01.0160 2448	swprv - ok
23:42:01.0304 2448	SynTP           (02364d8be46a51361b0905736c3f7438) C:\Windows\system32\DRIVERS\SynTP.sys
23:42:01.0416 2448	SynTP - ok
23:42:01.0668 2448	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:42:01.0808 2448	SysMain - ok
23:42:01.0903 2448	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:42:01.0971 2448	TabletInputService - ok
23:42:02.0016 2448	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:42:02.0146 2448	TapiSrv - ok
23:42:02.0172 2448	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:42:02.0295 2448	TBS - ok
23:42:02.0496 2448	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:42:02.0658 2448	Tcpip - ok
23:42:02.0892 2448	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:42:03.0004 2448	TCPIP6 - ok
23:42:03.0105 2448	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:42:03.0215 2448	tcpipreg - ok
23:42:03.0248 2448	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:42:03.0288 2448	TDPIPE - ok
23:42:03.0313 2448	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:42:03.0347 2448	TDTCP - ok
23:42:03.0380 2448	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:42:03.0487 2448	tdx - ok
23:42:03.0517 2448	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:42:03.0552 2448	TermDD - ok
23:42:03.0633 2448	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:42:03.0772 2448	TermService - ok
23:42:03.0792 2448	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:42:03.0847 2448	Themes - ok
23:42:03.0878 2448	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:42:03.0984 2448	THREADORDER - ok
23:42:04.0015 2448	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:42:04.0132 2448	TrkWks - ok
23:42:04.0212 2448	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:42:04.0344 2448	TrustedInstaller - ok
23:42:04.0372 2448	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:42:04.0474 2448	tssecsrv - ok
23:42:04.0498 2448	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:42:04.0543 2448	TsUsbFlt - ok
23:42:04.0558 2448	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:42:04.0592 2448	TsUsbGD - ok
23:42:04.0637 2448	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:42:04.0746 2448	tunnel - ok
23:42:04.0769 2448	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:42:04.0805 2448	uagp35 - ok
23:42:04.0848 2448	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:42:04.0964 2448	udfs - ok
23:42:05.0002 2448	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:42:05.0045 2448	UI0Detect - ok
23:42:05.0062 2448	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:42:05.0098 2448	uliagpkx - ok
23:42:05.0123 2448	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:42:05.0161 2448	umbus - ok
23:42:05.0172 2448	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:42:05.0210 2448	UmPass - ok
23:42:05.0256 2448	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:42:05.0386 2448	upnphost - ok
23:42:05.0419 2448	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:42:05.0469 2448	usbccgp - ok
23:42:05.0492 2448	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:42:05.0541 2448	usbcir - ok
23:42:05.0582 2448	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:42:05.0619 2448	usbehci - ok
23:42:05.0651 2448	usbfilter       (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
23:42:05.0682 2448	usbfilter - ok
23:42:05.0742 2448	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:42:05.0793 2448	usbhub - ok
23:42:05.0824 2448	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
23:42:05.0858 2448	usbohci - ok
23:42:05.0882 2448	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:42:05.0927 2448	usbprint - ok
23:42:05.0961 2448	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:42:06.0007 2448	usbscan - ok
23:42:06.0045 2448	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:42:06.0082 2448	USBSTOR - ok
23:42:06.0111 2448	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:42:06.0147 2448	usbuhci - ok
23:42:06.0185 2448	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
23:42:06.0241 2448	usbvideo - ok
23:42:06.0280 2448	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:42:06.0387 2448	UxSms - ok
23:42:06.0431 2448	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:42:06.0465 2448	VaultSvc - ok
23:42:06.0486 2448	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:42:06.0525 2448	vdrvroot - ok
23:42:06.0588 2448	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:42:06.0720 2448	vds - ok
23:42:06.0748 2448	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:42:06.0792 2448	vga - ok
23:42:06.0816 2448	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:42:06.0921 2448	VgaSave - ok
23:42:06.0966 2448	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:42:07.0020 2448	vhdmp - ok
23:42:07.0039 2448	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:42:07.0073 2448	viaide - ok
23:42:07.0093 2448	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:42:07.0128 2448	volmgr - ok
23:42:07.0177 2448	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:42:07.0239 2448	volmgrx - ok
23:42:07.0276 2448	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:42:07.0324 2448	volsnap - ok
23:42:07.0364 2448	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
23:42:07.0412 2448	vsmraid - ok
23:42:07.0558 2448	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:42:07.0736 2448	VSS - ok
23:42:07.0870 2448	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:42:07.0922 2448	vwifibus - ok
23:42:07.0939 2448	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:42:07.0991 2448	vwififlt - ok
23:42:08.0038 2448	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:42:08.0169 2448	W32Time - ok
23:42:08.0199 2448	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
23:42:08.0236 2448	WacomPen - ok
23:42:08.0266 2448	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:42:08.0371 2448	WANARP - ok
23:42:08.0381 2448	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:42:08.0483 2448	Wanarpv6 - ok
23:42:08.0620 2448	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:42:08.0725 2448	wbengine - ok
23:42:08.0812 2448	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:42:08.0885 2448	WbioSrvc - ok
23:42:08.0927 2448	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:42:09.0005 2448	wcncsvc - ok
23:42:09.0027 2448	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:42:09.0065 2448	WcsPlugInService - ok
23:42:09.0085 2448	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
23:42:09.0120 2448	Wd - ok
23:42:09.0199 2448	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:42:09.0278 2448	Wdf01000 - ok
23:42:09.0330 2448	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:42:09.0408 2448	WdiServiceHost - ok
23:42:09.0417 2448	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:42:09.0474 2448	WdiSystemHost - ok
23:42:09.0525 2448	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:42:09.0595 2448	WebClient - ok
23:42:09.0628 2448	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:42:09.0752 2448	Wecsvc - ok
23:42:09.0777 2448	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:42:09.0898 2448	wercplsupport - ok
23:42:09.0924 2448	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:42:10.0044 2448	WerSvc - ok
23:42:10.0074 2448	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:42:10.0180 2448	WfpLwf - ok
23:42:10.0195 2448	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:42:10.0229 2448	WIMMount - ok
23:42:10.0267 2448	WinDefend - ok
23:42:10.0289 2448	WinHttpAutoProxySvc - ok
23:42:10.0368 2448	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:42:10.0501 2448	Winmgmt - ok
23:42:10.0701 2448	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:42:10.0899 2448	WinRM - ok
23:42:11.0073 2448	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:42:11.0171 2448	Wlansvc - ok
23:42:11.0233 2448	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:42:11.0264 2448	wlcrasvc - ok
23:42:11.0480 2448	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:42:11.0664 2448	wlidsvc - ok
23:42:11.0768 2448	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:42:11.0801 2448	WmiAcpi - ok
23:42:11.0873 2448	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:42:11.0930 2448	wmiApSrv - ok
23:42:11.0964 2448	WMPNetworkSvc - ok
23:42:12.0002 2448	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:42:12.0040 2448	WPCSvc - ok
23:42:12.0068 2448	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:42:12.0123 2448	WPDBusEnum - ok
23:42:12.0151 2448	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:42:12.0255 2448	ws2ifsl - ok
23:42:12.0289 2448	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
23:42:12.0354 2448	wscsvc - ok
23:42:12.0365 2448	WSearch - ok
23:42:12.0575 2448	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
23:42:12.0803 2448	wuauserv - ok
23:42:12.0926 2448	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:42:13.0041 2448	WudfPf - ok
23:42:13.0076 2448	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:42:13.0188 2448	WUDFRd - ok
23:42:13.0221 2448	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:42:13.0338 2448	wudfsvc - ok
23:42:13.0372 2448	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:42:13.0458 2448	WwanSvc - ok
23:42:13.0507 2448	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:42:14.0100 2448	\Device\Harddisk0\DR0 - ok
23:42:14.0112 2448	Boot (0x1200)   (4c55c7c8406f8445488da0c279a80d68) \Device\Harddisk0\DR0\Partition0
23:42:14.0116 2448	\Device\Harddisk0\DR0\Partition0 - ok
23:42:14.0164 2448	Boot (0x1200)   (27fbe250173647bfccf03c6e08bb58f0) \Device\Harddisk0\DR0\Partition1
23:42:14.0169 2448	\Device\Harddisk0\DR0\Partition1 - ok
23:42:14.0171 2448	============================================================
23:42:14.0171 2448	Scan finished
23:42:14.0171 2448	============================================================
23:42:14.0203 4312	Detected object count: 1
23:42:14.0203 4312	Actual detected object count: 1
23:42:23.0068 4312	sesvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:42:23.0068 4312	sesvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:42:28.0192 3652	Deinitialize success
         
das ist das Log. lg

Alt 19.06.2012, 08:07   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 19.06.2012, 12:09   #11
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Lieber Arne, hier die Log-Datei von Combofix:

Code:
ATTFilter
ComboFix 12-06-19.01 - Judith 19.06.2012  12:29:24.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.1771.943 [GMT 2:00]
ausgeführt von:: c:\users\Judith\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-05-19 bis 2012-06-19  ))))))))))))))))))))))))))))))
.
.
2012-06-19 10:42 . 2012-06-19 10:42	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-06-19 07:07 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A197B95B-84EF-4ED8-BC48-2E0B4478CB06}\mpengine.dll
2012-06-15 20:15 . 2012-06-15 20:15	--------	d-----w-	c:\users\Judith\AppData\Roaming\www.shadowexplorer.com
2012-06-15 20:14 . 2012-06-15 20:15	--------	d-----w-	c:\program files (x86)\ShadowExplorer
2012-06-15 18:55 . 2012-06-15 18:55	--------	d-----w-	c:\program files (x86)\ESET
2012-06-13 13:27 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-13 13:27 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-13 13:27 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-13 13:27 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-13 13:27 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-13 13:27 . 2012-05-15 01:32	3146752	----a-w-	c:\windows\system32\win32k.sys
2012-06-13 13:27 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-06-13 13:27 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 13:27 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 13:27 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-13 13:27 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-13 13:26 . 2012-04-24 05:37	1462272	----a-w-	c:\windows\system32\crypt32.dll
2012-06-13 13:26 . 2012-04-24 05:37	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-06-13 13:26 . 2012-04-24 05:37	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-06-13 13:26 . 2012-04-24 04:36	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-06-13 13:26 . 2012-04-24 04:36	1158656	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-06-13 13:26 . 2012-04-24 04:36	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-06-12 18:30 . 2012-06-12 18:30	--------	d-----w-	c:\programdata\WinZip
2012-06-12 10:39 . 2012-06-12 10:39	--------	d-----w-	c:\users\Judith\AppData\Roaming\Malwarebytes
2012-06-12 10:39 . 2012-06-12 10:39	--------	d-----w-	c:\programdata\Malwarebytes
2012-06-12 10:39 . 2012-06-12 10:39	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-12 10:39 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-12 08:33 . 2012-06-16 20:41	--------	d-----w-	c:\users\Judith\Szsrxdtff
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-09 15:43 . 2011-12-03 15:19	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-05-09 15:43 . 2011-12-03 15:19	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-05-08 17:05 . 2012-04-05 10:08	419488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-08 17:05 . 2011-08-29 16:49	70304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 07:27 . 2012-04-14 09:04	8744608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-04 19:36 . 2012-04-04 19:36	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-03-30 11:35 . 2012-05-11 11:19	1918320	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-11 336384]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-09 348624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-4-15 704104]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
PDFCreator.lnk - c:\program files (x86)\PDFCreator\PDFCreator.exe [2012-2-13 2641920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 257696]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 116648]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-28 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 sesvc;ShadowExplorer Service;c:\program files (x86)\ShadowExplorer\sesvc.exe [2011-01-02 9216]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:05]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 09:26]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-28 09:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-28 862088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\2fbozq77.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-19  12:53:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-06-19 10:52
.
Vor Suchlauf: 6 Verzeichnis(se), 208.914.722.816 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 208.718.200.832 Bytes frei
.
- - End Of File - - D58301776E90A1AB9AABBB17C7974EB5
         
sonnige Grüße

Alt 19.06.2012, 12:37   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 19.06.2012, 21:03   #13
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Lieber Arne,
habe alles durchgeführt.
Hier das Log von GMER:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-06-19 20:55:03
Windows 6.1.7601 Service Pack 1 
Running: dezb9rgn.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route   "{1B309225-D5F9-49B7-84DE-D0F555F3BD00}"?"{B4DBC79B-7F68-4266-91F5-64F4CA70DFDA}"?
Reg  HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export  \Device\TCPIP6TUNNEL_{1B309225-D5F9-49B7-84DE-D0F555F3BD00}?\Device\TCPIP6TUNNEL_{B4DBC79B-7F68-4266-91F5-64F4CA70DFDA}?

---- EOF - GMER 1.0.15 ----
         
hier das log von OSAM:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:33:16 on 19.06.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 12.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
Locked "Locked" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{27B4851A-3207-45A2-B947-BE8AFE6163AB} "McAfee Phishing Filter" - ? - c:\progra~1\mcafee\msk\mskapbho.dll  (File not found)
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Acer VCM.lnk" - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe  (Shortcut exists | File exists)
"PDFCreator.lnk" - "pdfforge  hxxp://www.pdfforge.org/" - C:\Program Files (x86)\PDFCreator\PDFCreator.exe  (Shortcut exists | File exists)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"EgisTecPMMUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"EgisUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SuiteTray" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"@C:\Windows\system32\CxAudMsg64.exe,-100" (CxAudMsg) - "Conexant Systems Inc." - C:\Windows\system32\CxAudMsg64.exe
"Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
"Dritek WMI Service" (DsiWMIService) - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
"EgisTec Ticket Service" (EgisTec Ticket Service) - "Egis Technology Inc. " - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GREGService" (GREGService) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
"Live Updater Service" (Live Updater Service) - "Acer Incorporated" - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
"ShadowExplorer Service" (sesvc) - "www.shadowexplorer.com" - C:\Program Files (x86)\ShadowExplorer\sesvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         
und hier das dritte log von aswMBR: hier wurde nie angezeigt Scan finished successfully, ich hoffe ich habe ausreichend gewartet bis ich die Log erstellt habe...

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-19 21:34:06
-----------------------------
21:34:06.962    OS Version: Windows x64 6.1.7601 Service Pack 1
21:34:06.963    Number of processors: 2 586 0x100
21:34:06.965    ComputerName: JUDITH-PC  UserName: Judith
21:34:08.399    Initialize success
21:36:01.065    AVAST engine defs: 12061900
21:37:25.263    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:37:25.269    Disk 0 Vendor: ST320LT020-9YG142 0001SDM1 Size: 305245MB BusType: 11
21:37:25.305    Disk 0 MBR read successfully
21:37:25.313    Disk 0 MBR scan
21:37:25.325    Disk 0 Windows 7 default MBR code
21:37:25.337    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        14336 MB offset 2048
21:37:25.369    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 29362176
21:37:25.391    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       290807 MB offset 29566976
21:37:25.441    Disk 0 scanning C:\Windows\system32\drivers
21:37:39.713    Service scanning
21:38:10.685    Modules scanning
21:38:10.708    Disk 0 trace - called modules:
21:38:10.762    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
21:38:10.779    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002453060]
21:38:10.794    3 CLASSPNP.SYS[fffff880019a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8001f47500]
21:38:11.825    AVAST engine scan C:\Windows
21:38:16.068    AVAST engine scan C:\Windows\system32
21:43:34.594    AVAST engine scan C:\Windows\system32\drivers
21:43:58.936    AVAST engine scan C:\Users\Judith
21:46:25.394    Disk 0 MBR has been saved successfully to "C:\Users\Judith\Desktop\MBR.dat"
21:46:25.421    The log file has been saved successfully to "C:\Users\Judith\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-19 21:47:20
-----------------------------
21:47:20.694    OS Version: Windows x64 6.1.7601 Service Pack 1
21:47:20.694    Number of processors: 2 586 0x100
21:47:20.697    ComputerName: JUDITH-PC  UserName: Judith
21:47:24.695    Initialize success
21:47:38.376    AVAST engine defs: 12061900
21:47:47.064    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:47:47.071    Disk 0 Vendor: ST320LT020-9YG142 0001SDM1 Size: 305245MB BusType: 11
21:47:47.114    Disk 0 MBR read successfully
21:47:47.121    Disk 0 MBR scan
21:47:47.133    Disk 0 Windows 7 default MBR code
21:47:47.145    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        14336 MB offset 2048
21:47:47.177    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 29362176
21:47:47.200    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       290807 MB offset 29566976
21:47:47.251    Disk 0 scanning C:\Windows\system32\drivers
21:48:07.646    Service scanning
21:48:38.033    Modules scanning
21:48:38.054    Disk 0 trace - called modules:
21:48:38.088    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
21:48:38.104    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002453060]
21:48:38.121    3 CLASSPNP.SYS[fffff880019a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8001f47500]
21:48:46.019    AVAST engine scan C:\Windows
21:48:58.522    AVAST engine scan C:\Windows\system32
21:54:12.752    AVAST engine scan C:\Windows\system32\drivers
21:54:31.141    AVAST engine scan C:\Users\Judith
22:00:13.360    Disk 0 MBR has been saved successfully to "C:\Users\Judith\Desktop\MBR.dat"
22:00:13.389    The log file has been saved successfully to "C:\Users\Judith\Desktop\aswMBR.txt"
         
vielen Dank!
Judith

Alt 20.06.2012, 10:59   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 20.06.2012, 21:59   #15
anne1282
 
Verschlüsselungstrojaner - Standard

Verschlüsselungstrojaner



Hier die Log von SuperAntiSpyware:

Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 06/20/2012 at 08:24 PM

Application Version : 5.0.1150

Core Rules Database Version : 8764
Trace Rules Database Version: 6576

Scan type       : Complete Scan
Total Scan Time : 02:57:32

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 565
Memory threats detected   : 0
Registry items scanned    : 65357
Registry threats detected : 0
File items scanned        : 145525
File threats detected     : 501

Adware.Tracking Cookie
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\F9ZY8VAO.txt [ /atdmt.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\353RVZJY.txt [ /smartadserver.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\2AETUTIL.txt [ /partypoker.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\04P5RCNL.txt [ /track.adform.net ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\LUBLW34I.txt [ /tracking.quisma.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\9YZCIPQL.txt [ /mediaplex.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\KQQEE1CF.txt [ /ad.zanox.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\RK48X4UJ.txt [ /dyntracker.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\0C5UZ39R.txt [ /apmebf.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\T8GS3AUM.txt [ /adform.net ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\4JK3LS2J.txt [ /zanox.com ]
	C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Cookies\QV1E02AE.txt [ /fastclick.net ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\IU3JG3EB.txt [ Cookie:judith@atdmt.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\HXI9O6IV.txt [ Cookie:judith@tradedoubler.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\6YSF6F25.txt [ Cookie:judith@accounts.google.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MX5NS1Q2.txt [ Cookie:judith@de.partypoker.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q2RKKILE.txt [ Cookie:judith@partypoker.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\43XMBAOW.txt [ Cookie:judith@adviva.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FYK3K9I2.txt [ Cookie:judith@track.adform.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\V3J5P9RZ.txt [ Cookie:judith@zanox-affiliate.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GC2ACXNA.txt [ Cookie:judith@tracking.quisma.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\C6R88UDF.txt [ Cookie:judith@germanwings.112.2o7.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\D99UDNA4.txt [ Cookie:judith@invitemedia.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\1A8WRI2A.txt [ Cookie:judith@adserver2.clipkit.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DQE2FCLE.txt [ Cookie:judith@www.ad-track.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA1QUI9J.txt [ Cookie:judith@ad.zanox.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\KV13C6RB.txt [ Cookie:judith@questionmarket.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\5ZH8Q55M.txt [ Cookie:judith@apmebf.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\2W3ADY3Y.txt [ Cookie:judith@www.etracker.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FQBX12ZQ.txt [ Cookie:judith@ad.yieldmanager.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith@microsoftwindows.112.2o7[1].txt [ Cookie:judith@microsoftwindows.112.2o7.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FN84VOKQ.txt [ Cookie:judith@adform.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\65CVETQF.txt [ Cookie:judith@content.yieldmanager.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GJHA8MV8.txt [ Cookie:judith@zedo.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DXXF2K3Y.txt [ Cookie:judith@studivz.adfarm1.adition.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith@a.revenuemax[1].txt [ Cookie:judith@a.revenuemax.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\judith@www.mediamarkt[1].txt [ Cookie:judith@www.mediamarkt.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\R2O6CNHH.txt [ Cookie:judith@ad3.adfarm1.adition.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\B44TQ4WC.txt [ Cookie:judith@tracking.mindshare.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\7QH8AK2J.txt [ Cookie:judith@de.sitestat.com/ing-diba/de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\W77XX0TL.txt [ Cookie:judith@doubleclick.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\KRCQGGAJ.txt [ Cookie:judith@eyewonder.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MGL9QHCF.txt [ Cookie:judith@zanox.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\O8I1II06.txt [ Cookie:judith@amazon-adsystem.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\197F6FKQ.txt [ Cookie:judith@ad1.adfarm1.adition.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\JU6VKZ6C.txt [ Cookie:judith@www.usenext.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\3GB555CF.txt [ Cookie:judith@in.getclicky.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZA1GBQC.txt [ Cookie:judith@c.atdmt.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZGOOBI99.txt [ Cookie:judith@www.burstnet.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\KDO1CZ5D.txt [ Cookie:judith@webmasterplan.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\WTQMX5MD.txt [ Cookie:judith@traffictrack.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\WYWJF2JK.txt [ Cookie:judith@www.googleadservices.com/pagead/conversion/1052039368/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOLP7AU1.txt [ Cookie:judith@adfarm1.adition.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MHOJHGRN.txt [ Cookie:judith@ad4.adfarm1.adition.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\RQ0RWELN.txt [ Cookie:judith@eas.apm.emediate.eu/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\N7JFT6LT.txt [ Cookie:judith@advertising.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QRRNP675.txt [ Cookie:judith@stats.justhost.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\8KR2G4BO.txt [ Cookie:judith@rts.pgmediaserve.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QLJY9FVD.txt [ Cookie:judith@de.sitestat.com/is24/is24/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9OSUH4MQ.txt [ Cookie:judith@clickfuse.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\A2PIQOXB.txt [ Cookie:judith@ru4.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\JG035XGF.txt [ Cookie:judith@fastclick.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QYLZBSNL.txt [ Cookie:judith@tracking.hostgator.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGIR845Z.txt [ Cookie:judith@www.googleadservices.com/pagead/conversion/1070482875/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ES9OID9A.txt [ Cookie:judith@track.webtrekk.net/523478367474333/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\B7P1WNBE.txt [ Cookie:judith@edates.traffective-tracking.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\HUQMUIAQ.txt [ Cookie:judith@mmotraffic.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\POJVLKL6.txt [ Cookie:judith@adtech.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GOVQMLFA.txt [ Cookie:judith@www.googleadservices.com/pagead/conversion/1007229786/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9J7VRW0L.txt [ Cookie:judith@azjmp.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\IPI6WU7L.txt [ Cookie:judith@fr.sitestat.com/eurosport/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\U8BRY40N.txt [ Cookie:judith@revsci.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\AQ3PXXL0.txt [ Cookie:judith@casalemedia.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MWD2A3ZX.txt [ Cookie:judith@specificclick.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\XOIQWW1Q.txt [ Cookie:judith@trackalyzer.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FB5YW1JY.txt [ Cookie:judith@track.effiliation.com/servlet/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DWVPT3D2.txt [ Cookie:judith@nl.sitestat.com/elsevier/elsevier-com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PHI1T0S.txt [ Cookie:judith@elitepartner.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZH12BOTI.txt [ Cookie:judith@t2.trackalyzer.com/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\CUR959ZS.txt [ Cookie:judith@photobox.112.2o7.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DDN0GXCM.txt [ Cookie:judith@im.banner.t-online.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PD9DH7GW.txt [ Cookie:judith@yadro.ru/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PBVCD1N1.txt [ Cookie:judith@ad.adnet.de/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\7PSER7R0.txt [ Cookie:judith@2o7.net/ ]
	C:\USERS\JUDITH\AppData\Roaming\Microsoft\Windows\Cookies\Low\A1GXQXNJ.txt [ Cookie:judith@yieldmanager.net/ ]
	C:\USERS\JUDITH\Cookies\F9ZY8VAO.txt [ Cookie:judith@atdmt.com/ ]
	C:\USERS\JUDITH\Cookies\2AETUTIL.txt [ Cookie:judith@partypoker.com/ ]
	C:\USERS\JUDITH\Cookies\04P5RCNL.txt [ Cookie:judith@track.adform.net/ ]
	C:\USERS\JUDITH\Cookies\LUBLW34I.txt [ Cookie:judith@tracking.quisma.com/ ]
	C:\USERS\JUDITH\Cookies\KQQEE1CF.txt [ Cookie:judith@ad.zanox.com/ ]
	C:\USERS\JUDITH\Cookies\RK48X4UJ.txt [ Cookie:judith@dyntracker.com/ ]
	C:\USERS\JUDITH\Cookies\0C5UZ39R.txt [ Cookie:judith@apmebf.com/ ]
	C:\USERS\JUDITH\Cookies\T8GS3AUM.txt [ Cookie:judith@adform.net/ ]
	C:\USERS\JUDITH\Cookies\4JK3LS2J.txt [ Cookie:judith@zanox.com/ ]
	C:\USERS\JUDITH\Cookies\QV1E02AE.txt [ Cookie:judith@fastclick.net/ ]
	delivery.ibanner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	http-s3.videoservices.netzathleten-media.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	ia.media-imdb.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	imagesrv.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	media.mtvnservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	media1.break.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	media3.break.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	s0.2mdn.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	secure-it.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	secure-us.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\U42VJ9JX ]
	C:\USERS\JUDITH\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JUDITH@TRACKING.DC-STORM[2].TXT [ /TRACKING.DC-STORM ]
	.a.revenuemax.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	nl.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tradefx.advertserve.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.sim-technik.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	counter.hitslink.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.c1.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	zbox.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	e2.emediate.se [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.guj.122.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ibanner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.elitepartner-akademie.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.elitepartner-akademie.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.mm.chitika.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.tchibo.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.gostats.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adserver.doccheck.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.mediafire.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.openisbn.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	flagcounter.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.burstnet.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	static.freewebs.getclicky.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	s2.trafficmaxx.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	media.gan-online.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	mediathek.daserste.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.c.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.c.atdmt.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.dc-storm.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.www.burstnet.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tomtailor.dyntracker.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	counters.gigya.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.burstnet.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.247realmedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.beiersdorf.122.2o7.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	mediathek.daserste.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.kontera.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	server.adformdsp.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	server.adformdsp.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adformdsp.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.www.elitepartner.de [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\JUDITH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2FBOZQ77.DEFAULT\COOKIES.SQLITE ]
         
und hier die log von Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.20.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Judith :: JUDITH-PC [Administrator]

Schutz: Aktiviert

20.06.2012 14:41:03
mbam-log-2012-06-20 (14-41-03).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 348941
Laufzeit: 2 Stunde(n), 19 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
lg und schönen Abend

Antwort

Themen zu Verschlüsselungstrojaner
antivir, bildschirm, blockiert, computer, dateien, desktop, dringend, e-mail, email, fehlermeldung, formatieren, infiziert., keine viren, namen, neue, ordner, programm, programme, schwarzer bildschirm, security, senden, task-manager, update, viren, virus, windows



Ähnliche Themen: Verschlüsselungstrojaner


  1. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 29.10.2012 (3)
  2. (2x) Verschlüsselungstrojaner
    Mülltonne - 27.10.2012 (1)
  3. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 21.08.2012 (23)
  4. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 15.08.2012 (1)
  5. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 30.07.2012 (1)
  6. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 27.07.2012 (1)
  7. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 29.06.2012 (24)
  8. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 24.06.2012 (1)
  9. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 20.06.2012 (3)
  10. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 18.06.2012 (1)
  11. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 18.06.2012 (1)
  12. Verschlüsselungstrojaner!
    Log-Analyse und Auswertung - 16.06.2012 (3)
  13. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 14.06.2012 (5)
  14. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 13.06.2012 (2)
  15. Verschlüsselungstrojaner
    Plagegeister aller Art und deren Bekämpfung - 30.05.2012 (1)
  16. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 24.05.2012 (1)
  17. Verschlüsselungstrojaner
    Log-Analyse und Auswertung - 03.05.2012 (8)

Zum Thema Verschlüsselungstrojaner - Hallo, habe heute eine E-Mail geöffnet die an mich adressiert war mit meinem vollständigen Namen in der Anrede. Der Absender war smilinchefjohnny@rogers.com. Der Text lautete: "Hallo ***, Sicher ist es - Verschlüsselungstrojaner...
Archiv
Du betrachtest: Verschlüsselungstrojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.