Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Avast blockiert URL bei Google Chrome

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.09.2012, 14:04   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.09.2012, 15:33   #17
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Der Beitrag würde gute 3000 Zeichen zu lang sein und somit die maximale Länge übersteigen.
Wie soll ich dir also den Report posten?
__________________


Alt 24.09.2012, 19:44   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Wenn es nur ein Zehntel davon wäre, hättest du es in zwei oder drei Beiträge verteilt posten können aber so

Bitte das Log zippen und hier anhängen. Wenn's zu groß ist muss es so sein
__________________
__________________

Alt 24.09.2012, 21:05   #19
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Ich teile es nun doch. Natürlich die beste Idee... Unfassbar wie dumm ich mir vorkomme

[code]
Code:
ATTFilter
 16:21:29.0029 1180  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
16:21:29.0387 1180  ============================================================
16:21:29.0387 1180  Current date / time: 2012/09/24 16:21:29.0387
16:21:29.0387 1180  SystemInfo:
16:21:29.0387 1180  
16:21:29.0388 1180  OS Version: 6.0.6000 ServicePack: 0.0
16:21:29.0388 1180  Product type: Workstation
16:21:29.0388 1180  ComputerName: POSSEHL-PC
16:21:29.0388 1180  UserName: Possehl
16:21:29.0388 1180  Windows directory: C:\Windows
16:21:29.0388 1180  System windows directory: C:\Windows
16:21:29.0389 1180  Processor architecture: Intel x86
16:21:29.0389 1180  Number of processors: 2
16:21:29.0389 1180  Page size: 0x1000
16:21:29.0389 1180  Boot type: Normal boot
16:21:29.0389 1180  ============================================================
16:21:30.0172 1180  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:21:30.0174 1180  ============================================================
16:21:30.0174 1180  \Device\Harddisk0\DR0:
16:21:30.0175 1180  MBR partitions:
16:21:30.0175 1180  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x12831000
16:21:30.0175 1180  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13FA1800, BlocksNum 0x9223800
16:21:30.0175 1180  ============================================================
16:21:30.0210 1180  C: <-> \Device\Harddisk0\DR0\Partition1
16:21:30.0254 1180  D: <-> \Device\Harddisk0\DR0\Partition2
16:21:30.0254 1180  ============================================================
16:21:30.0255 1180  Initialize success
16:21:30.0255 1180  ============================================================
16:21:33.0594 5068  ============================================================
16:21:33.0594 5068  Scan started
16:21:33.0594 5068  Mode: Manual; 
16:21:33.0594 5068  ============================================================
16:21:33.0915 5068  ================ Scan system memory ========================
16:21:33.0915 5068  System memory - ok
16:21:33.0916 5068  ================ Scan services =============================
16:21:34.0157 5068  [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI            C:\Windows\system32\drivers\acpi.sys
16:21:34.0161 5068  ACPI - ok
16:21:34.0280 5068  [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
16:21:34.0286 5068  AdobeActiveFileMonitor7.0 - ok
16:21:34.0436 5068  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:21:34.0441 5068  AdobeFlashPlayerUpdateSvc - ok
16:21:34.0503 5068  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:21:34.0513 5068  adp94xx - ok
16:21:34.0570 5068  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:21:34.0577 5068  adpahci - ok
16:21:34.0599 5068  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
16:21:34.0602 5068  adpu160m - ok
16:21:34.0619 5068  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:21:34.0623 5068  adpu320 - ok
16:21:34.0663 5068  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:21:34.0664 5068  AeLookupSvc - ok
16:21:34.0685 5068  [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD             C:\Windows\system32\drivers\afd.sys
16:21:34.0691 5068  AFD - ok
16:21:34.0719 5068  [ 198636E76971EBC96404547EC0FD5E75 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:21:34.0721 5068  agp440 - ok
16:21:34.0748 5068  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
16:21:34.0750 5068  aic78xx - ok
16:21:34.0764 5068  [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG             C:\Windows\System32\alg.exe
16:21:34.0766 5068  ALG - ok
16:21:34.0803 5068  [ 0B3B337A68D9A75CC8D787DC98B53D79 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:21:34.0805 5068  aliide - ok
16:21:34.0834 5068  [ 2363ABC8989A14FD7247CA6F4E89D397 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:21:34.0836 5068  amdagp - ok
16:21:34.0858 5068  [ 468A204966D09F327A662C35F4B15DD3 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:21:34.0860 5068  amdide - ok
16:21:34.0897 5068  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
16:21:34.0899 5068  AmdK7 - ok
16:21:34.0946 5068  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:21:34.0947 5068  AmdK8 - ok
16:21:34.0997 5068  [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo         C:\Windows\System32\appinfo.dll
16:21:34.0998 5068  Appinfo - ok
16:21:35.0112 5068  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:35.0115 5068  Apple Mobile Device - ok
16:21:35.0154 5068  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
16:21:35.0156 5068  arc - ok
16:21:35.0178 5068  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:21:35.0181 5068  arcsas - ok
16:21:35.0217 5068  [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
16:21:35.0219 5068  aswFsBlk - ok
16:21:35.0228 5068  [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:21:35.0230 5068  aswMonFlt - ok
16:21:35.0248 5068  [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
16:21:35.0249 5068  aswRdr - ok
16:21:35.0311 5068  [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:21:35.0354 5068  aswSnx - ok
16:21:35.0389 5068  [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:21:35.0398 5068  aswSP - ok
16:21:35.0422 5068  [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
16:21:35.0425 5068  aswTdi - ok
16:21:35.0468 5068  [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:21:35.0469 5068  AsyncMac - ok
16:21:35.0494 5068  [ 0B77F93AB73798F97E8E0A0AA4CCBEEF ] atapi           C:\Windows\system32\drivers\atapi.sys
16:21:35.0496 5068  atapi - ok
16:21:35.0566 5068  [ ADFD93663D3BAE4FADC19AD1AE519EE4 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
16:21:35.0587 5068  Ati External Event Utility - ok
16:21:35.0718 5068  [ 389A2668E0C0C6698A6B565632C7F43A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:21:35.0807 5068  atikmdag - ok
16:21:35.0865 5068  [ 0B5302314A77100A930249F0BE9AB2D2 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:21:35.0868 5068  AudioEndpointBuilder - ok
16:21:35.0898 5068  [ 0B5302314A77100A930249F0BE9AB2D2 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:21:35.0901 5068  Audiosrv - ok
16:21:35.0964 5068  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:21:35.0966 5068  avast! Antivirus - ok
16:21:36.0010 5068  [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:21:36.0011 5068  Beep - ok
16:21:36.0073 5068  [ 96B73CC64BD905EA6CC4E44384ABD8C9 ] BFE             C:\Windows\System32\bfe.dll
16:21:36.0076 5068  BFE - ok
16:21:36.0152 5068  [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS            C:\Windows\System32\qmgr.dll
16:21:36.0162 5068  BITS - ok
16:21:36.0168 5068  blbdrive - ok
16:21:36.0245 5068  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:36.0252 5068  Bonjour Service - ok
16:21:36.0278 5068  [ 913CD06FBE9105CE6077E90FD4418561 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:21:36.0281 5068  bowser - ok
16:21:36.0325 5068  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
16:21:36.0327 5068  BrFiltLo - ok
16:21:36.0357 5068  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
16:21:36.0358 5068  BrFiltUp - ok
16:21:36.0412 5068  [ BEB6470532B7461D7BB426E3FACB424F ] Browser         C:\Windows\System32\browser.dll
16:21:36.0415 5068  Browser - ok
16:21:36.0439 5068  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
16:21:36.0442 5068  Brserid - ok
16:21:36.0474 5068  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
16:21:36.0476 5068  BrSerWdm - ok
16:21:36.0505 5068  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
16:21:36.0506 5068  BrUsbMdm - ok
16:21:36.0533 5068  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
16:21:36.0534 5068  BrUsbSer - ok
16:21:36.0557 5068  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:21:36.0559 5068  BTHMODEM - ok
16:21:36.0625 5068  [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:21:36.0626 5068  cdfs - ok
16:21:36.0641 5068  [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:21:36.0644 5068  cdrom - ok
16:21:36.0681 5068  [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:21:36.0683 5068  CertPropSvc - ok
16:21:36.0691 5068  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:21:36.0693 5068  circlass - ok
16:21:36.0735 5068  [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS            C:\Windows\system32\CLFS.sys
16:21:36.0741 5068  CLFS - ok
16:21:36.0808 5068  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:36.0811 5068  clr_optimization_v2.0.50727_32 - ok
16:21:36.0864 5068  CLTNetCnService - ok
16:21:36.0891 5068  [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:21:36.0892 5068  CmBatt - ok
16:21:36.0915 5068  [ 2AC0C92B29EC21838F4CB46ADB26BCC0 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:21:36.0917 5068  cmdide - ok
16:21:36.0986 5068  [ 722936AFB75A7F509662B69B5632F48A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:21:36.0987 5068  Compbatt - ok
16:21:36.0997 5068  COMSysApp - ok
16:21:37.0008 5068  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:21:37.0009 5068  crcdisk - ok
16:21:37.0027 5068  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
16:21:37.0029 5068  Crusoe - ok
16:21:37.0081 5068  [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:21:37.0084 5068  CryptSvc - ok
16:21:37.0137 5068  [ B1BB45E24717A7F790B4411C4446EF5E ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:21:37.0161 5068  DcomLaunch - ok
16:21:37.0196 5068  [ A7179DE59AE269AB70345527894CCD7C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:21:37.0200 5068  DfsC - ok
16:21:37.0293 5068  [ E0D584AA76C7D845BA9F3A788260528F ] DFSR            C:\Windows\system32\DFSR.exe
16:21:37.0360 5068  DFSR - ok
16:21:37.0410 5068  [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
16:21:37.0415 5068  Dhcp - ok
16:21:37.0429 5068  [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk            C:\Windows\system32\drivers\disk.sys
16:21:37.0431 5068  disk - ok
16:21:37.0466 5068  [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:21:37.0468 5068  Dnscache - ok
16:21:37.0487 5068  [ 32A15AF277E287E5A3AAEC67EDDB258C ] dot3svc         C:\Windows\System32\dot3svc.dll
16:21:37.0492 5068  dot3svc - ok
16:21:37.0548 5068  [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
16:21:37.0552 5068  Dot4 - ok
16:21:37.0573 5068  [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:21:37.0575 5068  Dot4Print - ok
16:21:37.0593 5068  [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
16:21:37.0595 5068  dot4usb - ok
16:21:37.0635 5068  [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS             C:\Windows\system32\dps.dll
16:21:37.0638 5068  DPS - ok
16:21:37.0670 5068  [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:21:37.0671 5068  drmkaud - ok
16:21:37.0704 5068  [ 2D13D9E98CAF6321F219B28921AF214C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:21:37.0715 5068  DXGKrnl - ok
16:21:37.0762 5068  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
16:21:37.0766 5068  E1G60 - ok
16:21:37.0796 5068  [ 90A0A875642E18618010645311B4E89E ] EapHost         C:\Windows\System32\eapsvc.dll
16:21:37.0798 5068  EapHost - ok
16:21:37.0838 5068  [ 38573398F734B71B06CD2411494F234A ] Ecache          C:\Windows\system32\drivers\ecache.sys
16:21:37.0842 5068  Ecache - ok
16:21:37.0896 5068  [ 8EA277BDA2730C9B34ADD67CDD593D64 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:21:37.0902 5068  ehRecvr - ok
16:21:37.0926 5068  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
16:21:37.0929 5068  ehSched - ok
16:21:37.0936 5068  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
16:21:37.0937 5068  ehstart - ok
16:21:37.0982 5068  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:21:37.0989 5068  elxstor - ok
16:21:38.0057 5068  [ 902CDDD9CD94AD1B4688D96FF8F2EDB8 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
16:21:38.0063 5068  EMDMgmt - ok
16:21:38.0120 5068  [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem     C:\Windows\system32\es.dll
16:21:38.0124 5068  EventSystem - ok
16:21:38.0130 5068  ewusbnet - ok
16:21:38.0179 5068  [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:21:38.0183 5068  fastfat - ok
16:21:38.0206 5068  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:21:38.0207 5068  fdc - ok
16:21:38.0212 5068  [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:21:38.0215 5068  fdPHost - ok
16:21:38.0241 5068  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:21:38.0244 5068  FDResPub - ok
16:21:38.0273 5068  [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:21:38.0275 5068  FileInfo - ok
16:21:38.0289 5068  [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:21:38.0291 5068  Filetrace - ok
16:21:38.0390 5068  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:21:38.0434 5068  FLEXnet Licensing Service - ok
16:21:38.0531 5068  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:21:38.0534 5068  flpydisk - ok
16:21:38.0567 5068  [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:21:38.0573 5068  FltMgr - ok
16:21:38.0680 5068  [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:21:38.0685 5068  FontCache3.0.0.0 - ok
16:21:38.0744 5068  [ 6A4125EDBE6D5907D4B1E4514F1F5675 ] FSCLBaseUpdaterService C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
16:21:38.0747 5068  FSCLBaseUpdaterService - ok
16:21:38.0829 5068  [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:21:38.0831 5068  Fs_Rec - ok
16:21:38.0891 5068  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:21:38.0895 5068  gagp30kx - ok
16:21:38.0941 5068  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:21:38.0943 5068  GEARAspiWDM - ok
16:21:39.0041 5068  [ AD0C777CD05A4CA30100000AB9B3E30B ] gpsvc           C:\Windows\System32\gpsvc.dll
16:21:39.0065 5068  gpsvc - ok
16:21:39.0144 5068  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:21:39.0147 5068  gupdate - ok
16:21:39.0166 5068  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:21:39.0169 5068  gupdatem - ok
16:21:39.0238 5068  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:21:39.0245 5068  gusvc - ok
16:21:39.0288 5068  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:21:39.0295 5068  HdAudAddService - ok
16:21:39.0324 5068  [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:21:39.0326 5068  HDAudBus - ok
16:21:39.0344 5068  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:21:39.0347 5068  HidBth - ok
16:21:39.0371 5068  [ F24393C44FDFE2E5E9F416FD3BDF98E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:21:39.0374 5068  HidIr - ok
16:21:39.0417 5068  [ 8FA640195279ACE21BEA91396A0054FC ] hidserv         C:\Windows\system32\hidserv.dll
16:21:39.0423 5068  hidserv - ok
16:21:39.0456 5068  [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:21:39.0459 5068  HidUsb - ok
16:21:39.0519 5068  [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:21:39.0526 5068  hkmsvc - ok
16:21:39.0561 5068  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
16:21:39.0564 5068  HpCISSs - ok
16:21:39.0691 5068  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:21:39.0695 5068  hpqcxs08 - ok
16:21:39.0727 5068  [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:21:39.0730 5068  hpqddsvc - ok
16:21:39.0840 5068  [ 6F9CB6539A1B2508BD1C53D29334431A ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:21:39.0850 5068  HPSLPSVC - ok
16:21:39.0921 5068  [ 481B86E8939289F77FBCEA1B24CEC687 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:21:39.0933 5068  HTTP - ok
16:21:39.0975 5068  hwdatacard - ok
16:21:39.0992 5068  hwusbdev - ok
16:21:40.0063 5068  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
16:21:40.0066 5068  i2omp - ok
16:21:40.0112 5068  [ BEA9838CD25D36BEBA3F94386A761D60 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:21:40.0116 5068  i8042prt - ok
16:21:40.0185 5068  [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:21:40.0189 5068  iaStor - ok
16:21:40.0223 5068  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
16:21:40.0230 5068  iaStorV - ok
16:21:40.0350 5068  [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:21:40.0383 5068  idsvc - ok
16:21:40.0416 5068  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:21:40.0419 5068  iirsp - ok
16:21:40.0468 5068  [ 4456E314E60177B03E5CBE64CD6A337E ] IKEEXT          C:\Windows\System32\ikeext.dll
16:21:40.0478 5068  IKEEXT - ok
16:21:40.0646 5068  [ 4FA59A84069D9D0991BAE34CC4AFF99C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:21:40.0735 5068  IntcAzAudAddService - ok
16:21:40.0779 5068  [ 4A6B4C4FAB7716C869FA9D19AC8CA5A5 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:21:40.0782 5068  intelide - ok
16:21:40.0813 5068  [ CE44CC04262F28216DD4341E9E36A16F ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:21:40.0815 5068  intelppm - ok
16:21:40.0873 5068  [ A6D67306A3E9E526A8AEFEB9680A90EA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:21:40.0879 5068  IPBusEnum - ok
16:21:40.0939 5068  [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:21:40.0942 5068  IpFilterDriver - ok
16:21:41.0026 5068  [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:21:41.0035 5068  iphlpsvc - ok
16:21:41.0045 5068  IpInIp - ok
16:21:41.0081 5068  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
16:21:41.0084 5068  IPMIDRV - ok
16:21:41.0107 5068  [ 10077C35845101548037DF04FD1A420B ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
16:21:41.0112 5068  IPNAT - ok
16:21:41.0242 5068  [ 49918803B661367023BF325CF602AFDC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:21:41.0276 5068  iPod Service - ok
16:21:41.0323 5068  [ A82F328F4792304184642D6D397BB1E3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:21:41.0326 5068  IRENUM - ok
16:21:41.0349 5068  [ CE2997A0C3B0049A3188C4F0C7A04BC9 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:21:41.0352 5068  isapnp - ok
16:21:41.0404 5068  [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:21:41.0410 5068  iScsiPrt - ok
16:21:41.0430 5068  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
16:21:41.0434 5068  iteatapi - ok
16:21:41.0472 5068  [ E4B04A0D8B237ECF026D849439F1BCCE ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
16:21:41.0475 5068  itecir - ok
16:21:41.0500 5068  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
16:21:41.0502 5068  iteraid - ok
16:21:41.0521 5068  [ C1632FE31D1824A43DEA29725312E3FA ] JRAID           C:\Windows\system32\drivers\jraid.sys
16:21:41.0524 5068  JRAID - ok
16:21:41.0547 5068  [ C9B0CF786D5F151A43C7BE8E243F2819 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:21:41.0550 5068  kbdclass - ok
16:21:41.0585 5068  [ 97AB2FB84E8E77D93CEE85550F4CF7F9 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:21:41.0588 5068  kbdhid - ok
16:21:41.0626 5068  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] KeyIso          C:\Windows\system32\lsass.exe
16:21:41.0633 5068  KeyIso - ok
16:21:41.0703 5068  [ B6FAC1FF7D4A05C06DA9E53DBF5E9E7A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:21:41.0737 5068  KSecDD - ok
16:21:41.0810 5068  [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:21:41.0816 5068  KtmRm - ok
16:21:41.0837 5068  [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:21:41.0843 5068  LanmanServer - ok
16:21:41.0883 5068  [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:21:41.0890 5068  LanmanWorkstation - ok
16:21:41.0947 5068  [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:21:41.0950 5068  lltdio - ok
16:21:41.0990 5068  [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:21:41.0996 5068  lltdsvc - ok
16:21:42.0018 5068  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:21:42.0022 5068  lmhosts - ok
16:21:42.0043 5068  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:21:42.0046 5068  LSI_FC - ok
16:21:42.0066 5068  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:21:42.0069 5068  LSI_SAS - ok
16:21:42.0087 5068  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:21:42.0090 5068  LSI_SCSI - ok
16:21:42.0110 5068  [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:21:42.0114 5068  luafv - ok
16:21:42.0172 5068  [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:21:42.0175 5068  MBAMProtector - ok
16:21:42.0223 5068  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:21:42.0230 5068  MBAMScheduler - ok
16:21:42.0269 5068  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:21:42.0289 5068  MBAMService - ok
16:21:42.0396 5068  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
16:21:42.0403 5068  McComponentHostService - ok
16:21:42.0478 5068  [ BF8426A8E3F3856389E26E94A8F1B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:21:42.0485 5068  Mcx2Svc - ok
16:21:42.0551 5068  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
16:21:42.0553 5068  megasas - ok
16:21:42.0583 5068  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS           C:\Windows\system32\mmcss.dll
16:21:42.0590 5068  MMCSS - ok
16:21:42.0646 5068  [ 21755967298A46FB6ADFEC9DB6012211 ] Modem           C:\Windows\system32\drivers\modem.sys
16:21:42.0648 5068  Modem - ok
16:21:42.0702 5068  [ EE05F7A5E2CEFB275B08F3E3FCC2A8EB ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:21:42.0703 5068  monitor - ok
16:21:42.0709 5068  [ 4A00B3CF90AD075193CA5AEECE71154C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:21:42.0711 5068  mouclass - ok
16:21:42.0765 5068  [ 8D9B701D716843C39E93B3432CB721FC ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:21:42.0766 5068  mouhid - ok
16:21:42.0779 5068  [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:21:42.0781 5068  MountMgr - ok
16:21:42.0831 5068  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:21:42.0834 5068  MozillaMaintenance - ok
16:21:42.0853 5068  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:21:42.0856 5068  mpio - ok
16:21:42.0881 5068  [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:21:42.0883 5068  mpsdrv - ok
16:21:42.0917 5068  [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:21:42.0923 5068  MpsSvc - ok
16:21:42.0951 5068  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:21:42.0953 5068  Mraid35x - ok
16:21:42.0972 5068  [ 08F0C494A69CF3106EE7FFC48D8E5AC7 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:21:42.0975 5068  MRxDAV - ok
16:21:43.0014 5068  [ BBB0D31B477CFF3B4F737ED0367F635F ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:21:43.0017 5068  mrxsmb - ok
16:21:43.0085 5068  [ A6130566AC4178473B5DAC8F8F74407D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:21:43.0091 5068  mrxsmb10 - ok
16:21:43.0109 5068  [ 3D475E770D3AB2D0C5E3E1386871F9DA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:21:43.0112 5068  mrxsmb20 - ok
16:21:43.0143 5068  [ 13FA01D10C95762E3E191BB023DFA8CC ] msahci          C:\Windows\system32\drivers\msahci.sys
16:21:43.0145 5068  msahci - ok
16:21:43.0169 5068  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:21:43.0172 5068  msdsm - ok
16:21:43.0190 5068  [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC           C:\Windows\System32\msdtc.exe
16:21:43.0195 5068  MSDTC - ok
16:21:43.0225 5068  [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:21:43.0227 5068  Msfs - ok
16:21:43.0294 5068  [ 0A64168B63535520ADFD6B959695404A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:21:43.0296 5068  msisadrv - ok
16:21:43.0338 5068  [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:21:43.0343 5068  MSiSCSI - ok
16:21:43.0348 5068  msiserver - ok
16:21:43.0376 5068  [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:21:43.0378 5068  MSKSSRV - ok
16:21:43.0391 5068  [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:21:43.0393 5068  MSPCLOCK - ok
16:21:43.0410 5068  [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:21:43.0412 5068  MSPQM - ok
16:21:43.0437 5068  [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:21:43.0442 5068  MsRPC - ok
16:21:43.0498 5068  [ E09CEDB1BCA303B7F6AE22F512E56969 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:21:43.0499 5068  mssmbios - ok
16:21:43.0514 5068  [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:21:43.0515 5068  MSTEE - ok
16:21:43.0540 5068  [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:21:43.0542 5068  Mup - ok
16:21:43.0571 5068  [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent        C:\Windows\system32\qagentRT.dll
16:21:43.0580 5068  napagent - ok
16:21:43.0620 5068  [ BE8C26E61BE5C5A49A6BABD17AEED1B7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:21:43.0625 5068  NativeWifiP - ok
16:21:43.0659 5068  [ 6E8DFFACE597629CEF5DF7D69217628F ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:21:43.0668 5068  NDIS - ok
16:21:43.0694 5068  [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:21:43.0696 5068  NdisTapi - ok
16:21:43.0707 5068  [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:21:43.0709 5068  Ndisuio - ok
16:21:43.0721 5068  [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:21:43.0725 5068  NdisWan - ok
16:21:43.0735 5068  [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:21:43.0737 5068  NDProxy - ok
16:21:43.0771 5068  [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:21:43.0774 5068  Net Driver HPZ12 - ok
16:21:43.0790 5068  [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:21:43.0791 5068  NetBIOS - ok
16:21:43.0805 5068  [ 231F6CCFDB7A604221F18FB0852C8560 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:21:43.0810 5068  netbt - ok
16:21:43.0818 5068  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] Netlogon        C:\Windows\system32\lsass.exe
16:21:43.0821 5068  Netlogon - ok
16:21:43.0853 5068  [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman          C:\Windows\System32\netman.dll
16:21:43.0859 5068  Netman - ok
16:21:43.0874 5068  [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm        C:\Windows\System32\netprofm.dll
16:21:43.0884 5068  netprofm - ok
16:21:43.0935 5068  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:21:43.0940 5068  NetTcpPortSharing - ok
16:21:44.0015 5068  [ A15F219208843A5A210C8CB391384453 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
16:21:44.0125 5068  NETw3v32 - ok
16:21:44.0238 5068  [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
16:21:44.0336 5068  NETw4v32 - ok
16:21:44.0365 5068  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:21:44.0369 5068  nfrd960 - ok
16:21:44.0425 5068  [ C424117A562F2DE37A42266894C79AEB ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:21:44.0437 5068  NlaSvc - ok
16:21:44.0546 5068  [ 7B273501C59D52978B761F82BEBADB06 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
16:21:44.0556 5068  NMIndexingService - ok
16:21:44.0581 5068  [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:21:44.0584 5068  Npfs - ok
16:21:44.0596 5068  [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi             C:\Windows\system32\nsisvc.dll
16:21:44.0605 5068  nsi - ok
16:21:44.0647 5068  [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:21:44.0650 5068  nsiproxy - ok
16:21:44.0720 5068  [ F08824715CA6076F5E73E005AB83B9C8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:21:44.0766 5068  Ntfs - ok
16:21:44.0795 5068  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
16:21:44.0798 5068  ntrigdigi - ok
16:21:44.0821 5068  [ EC5EFB3C60F1B624648344A328BCE596 ] Null            C:\Windows\system32\drivers\Null.sys
16:21:44.0824 5068  Null - ok
16:21:44.0838 5068  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:21:44.0842 5068  nvraid - ok
16:21:44.0878 5068  [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
16:21:44.0883 5068  nvrd32 - ok
16:21:44.0912 5068  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:21:44.0916 5068  nvstor - ok
16:21:44.0938 5068  [ 703E3A7093B0FAC0EEBADBB8E931ECAF ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
16:21:44.0943 5068  nvstor32 - ok
16:21:44.0977 5068  [ 925EB9E53ECA4473A2D156A02B7418E3 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:21:44.0981 5068  nv_agp - ok
16:21:44.0990 5068  NwlnkFlt - ok
16:21:45.0003 5068  NwlnkFwd - ok
16:21:45.0111 5068  [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:21:45.0133 5068  odserv - ok
16:21:45.0183 5068  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:21:45.0187 5068  ohci1394 - ok
16:21:45.0245 5068  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:45.0250 5068  ose - ok
16:21:45.0307 5068  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc        C:\Windows\system32\p2psvc.dll
16:21:45.0316 5068  p2pimsvc - ok
16:21:45.0352 5068  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc          C:\Windows\system32\p2psvc.dll
16:21:45.0360 5068  p2psvc - ok
16:21:45.0374 5068  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
16:21:45.0377 5068  Parport - ok
16:21:45.0394 5068  [ 555A5B2C8022983BC7467BC925B222EE ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:21:45.0398 5068  partmgr - ok
16:21:45.0426 5068  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
16:21:45.0427 5068  Parvdm - ok
16:21:45.0458 5068  [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:21:45.0462 5068  PcaSvc - ok
16:21:45.0516 5068  [ A48C4D0ACC933F7A37E52AB0761811AD ] pci             C:\Windows\system32\drivers\pci.sys
16:21:45.0519 5068  pci - ok
16:21:45.0541 5068  [ 353968946BCB766F6C5C01717686B382 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:21:45.0542 5068  pciide - ok
16:21:45.0572 5068  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:21:45.0577 5068  pcmcia - ok
16:21:45.0621 5068  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:21:45.0655 5068  PEAUTH - ok
16:21:45.0716 5068  [ CD05A38D166BEADE18030BAFC0C0A939 ] pla             C:\Windows\system32\pla.dll
16:21:45.0731 5068  pla - ok
16:21:45.0839 5068  [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:21:45.0846 5068  PlugPlay - ok
16:21:45.0887 5068  [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:21:45.0891 5068  Pml Driver HPZ12 - ok
16:21:45.0965 5068  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:21:45.0976 5068  PNRPAutoReg - ok
16:21:46.0026 5068  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc         C:\Windows\system32\p2psvc.dll
16:21:46.0037 5068  PNRPsvc - ok
16:21:46.0095 5068  [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:21:46.0119 5068  PolicyAgent - ok
16:21:46.0171 5068  [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:21:46.0174 5068  PptpMiniport - ok
16:21:46.0209 5068  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
16:21:46.0213 5068  Processor - ok
16:21:46.0257 5068  [ 8B8E8F4734C5C576E3B910DB73756CF1 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:21:46.0268 5068  ProfSvc - ok
16:21:46.0321 5068  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:21:46.0328 5068  ProtectedStorage - ok
16:21:46.0350 5068  [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:21:46.0353 5068  PSched - ok
16:21:46.0385 5068  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
16:21:46.0389 5068  PxHelp20 - ok
16:21:46.0474 5068  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:21:46.0508 5068  ql2300 - ok
16:21:46.0529 5068  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:21:46.0532 5068  ql40xx - ok
16:21:46.0563 5068  [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE           C:\Windows\system32\qwave.dll
16:21:46.0570 5068  QWAVE - ok
16:21:46.0586 5068  [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:21:46.0588 5068  QWAVEdrv - ok
16:21:46.0608 5068  [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:21:46.0610 5068  RasAcd - ok
16:21:46.0631 5068  [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto         C:\Windows\System32\rasauto.dll
16:21:46.0638 5068  RasAuto - ok
16:21:46.0655 5068  [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:21:46.0658 5068  Rasl2tp - ok
16:21:46.0679 5068  [ 6A43A313B384CA0B1ACCBA47EE504764 ] RasMan          C:\Windows\System32\rasmans.dll
16:21:46.0686 5068  RasMan - ok
16:21:46.0714 5068  [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:21:46.0716 5068  RasPppoe - ok
16:21:46.0781 5068  [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:21:46.0786 5068  rdbss - ok
16:21:46.0795 5068  [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:21:46.0797 5068  RDPCDD - ok
16:21:46.0823 5068  [ 87EE019FE9FBFF071D76CCF9EC794646 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
16:21:46.0829 5068  rdpdr - ok
16:21:46.0835 5068  [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:21:46.0836 5068  RDPENCDD - ok
16:21:46.0858 5068  [ E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:21:46.0862 5068  RDPWD - ok
16:21:46.0894 5068  [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:21:46.0898 5068  RemoteAccess - ok
16:21:46.0912 5068  [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:21:46.0920 5068  RemoteRegistry - ok
16:21:47.0010 5068  [ C1C132455200AD4704142442C89D0FA4 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:21:47.0013 5068  RichVideo - ok
16:21:47.0035 5068  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
16:21:47.0039 5068  RpcLocator - ok
16:21:47.0062 5068  [ B1BB45E24717A7F790B4411C4446EF5E ] RpcSs           C:\Windows\system32\rpcss.dll
16:21:47.0070 5068  RpcSs - ok
16:21:47.0173 5068  [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:21:47.0176 5068  rspndr - ok
16:21:47.0213 5068  [ 904FD29EC1FF2709099AE2CD1C09A913 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
16:21:47.0216 5068  RTL8169 - ok
16:21:47.0278 5068  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] SamSs           C:\Windows\system32\lsass.exe
16:21:47.0284 5068  SamSs - ok
16:21:47.0307 5068  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:21:47.0312 5068  sbp2port - ok
16:21:47.0395 5068  [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:21:47.0405 5068  SCardSvr - ok
16:21:47.0451 5068  [ BF17DA9F25A4F84C2577AC13EE126CB7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:21:47.0531 5068  Schedule - ok
16:21:47.0552 5068  [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:21:47.0555 5068  SCPolicySvc - ok
16:21:47.0566 5068  [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:21:47.0579 5068  SDRSVC - ok
16:21:47.0622 5068  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:21:47.0625 5068  secdrv - ok
16:21:47.0641 5068  [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon        C:\Windows\system32\seclogon.dll
16:21:47.0651 5068  seclogon - ok
16:21:47.0671 5068  [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS            C:\Windows\System32\sens.dll
16:21:47.0682 5068  SENS - ok
16:21:47.0702 5068  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:21:47.0706 5068  Serenum - ok
16:21:47.0740 5068  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
16:21:47.0744 5068  Serial - ok
16:21:47.0800 5068  [ 2BAF2ABC0DA0D50EBE8289C720977052 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:21:47.0803 5068  sermouse - ok
16:21:47.0848 5068  [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:21:47.0859 5068  SessionEnv - ok
16:21:47.0872 5068  [ 55B145D4248012D306DA8E92FA9FDC20 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:21:47.0875 5068  sffdisk - ok
16:21:47.0888 5068  [ B86DFCD55294A0495571A27B861E6EF3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:21:47.0891 5068  sffp_mmc - ok
16:21:47.0900 5068  [ 5B327B59FAE2B01C34690D91ED03786E ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:21:47.0905 5068  sffp_sd - ok
16:21:47.0915 5068  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:21:47.0919 5068  sfloppy - ok
16:21:47.0970 5068  [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:21:47.0978 5068  SharedAccess - ok
16:21:48.0018 5068  [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:21:48.0031 5068  ShellHWDetection - ok
16:21:48.0077 5068  [ E5773C4CFF310D00A59DB01EF4074135 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:21:48.0081 5068  sisagp - ok
16:21:48.0130 5068  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:21:48.0133 5068  SiSRaid2 - ok
16:21:48.0167 5068  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:21:48.0172 5068  SiSRaid4 - ok
16:21:48.0277 5068  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
16:21:48.0280 5068  SkypeUpdate - ok
16:21:48.0426 5068  [ A1DCD30534835CB67733AD00175125A6 ] slsvc           C:\Windows\system32\SLsvc.exe
16:21:48.0568 5068  slsvc - ok
16:21:48.0618 5068  [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
16:21:48.0630 5068  SLUINotify - ok
16:21:48.0646 5068  [ 46BAF398809A0F3B2D3300A1760E4B91 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:21:48.0650 5068  Smb - ok
16:21:48.0711 5068  [ C8A58FC905C9184FA70E37F71060C64D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
16:21:48.0766 5068  smserial - ok
16:21:48.0830 5068  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:21:48.0841 5068  SNMPTRAP - ok
16:21:48.0898 5068  [ 426F9B029AA9162CECCF65369457D046 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:21:48.0900 5068  spldr - ok
16:21:48.0921 5068  [ DA612EF2556776DF2630B68BF2D48935 ] Spooler         C:\Windows\System32\spoolsv.exe
16:21:48.0929 5068  Spooler - ok
16:21:48.0961 5068  [ 081BE0D7A95AF38D2AA238AFCFC103AA ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:21:48.0967 5068  srv - ok
16:21:48.0990 5068  [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:21:48.0994 5068  srv2 - ok
16:21:49.0006 5068  [ 3D2CA9F958FB6E28447DA61F65B9DEBA ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:21:49.0009 5068  srvnet - ok
16:21:49.0031 5068  [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:21:49.0040 5068  SSDPSRV - ok
16:21:49.0093 5068  [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus         C:\Windows\system32\DRIVERS\ssm_bus.sys
16:21:49.0096 5068  ssm_bus - ok
16:21:49.0128 5068  [ 7A95B5DEB594616F1693486B8161411E ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:21:49.0130 5068  StillCam - ok
16:21:49.0159 5068  [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc          C:\Windows\System32\wiaservc.dll
16:21:49.0179 5068  stisvc - ok
16:21:49.0206 5068  [ 9C539AAFFB0B6D7BCE984C74317FF29F ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:21:49.0208 5068  swenum - ok
16:21:49.0225 5068  [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv           C:\Windows\System32\swprv.dll
16:21:49.0236 5068  swprv - ok
16:21:49.0259 5068  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:21:49.0261 5068  Symc8xx - ok
16:21:49.0296 5068  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
16:21:49.0298 5068  Sym_hi - ok
16:21:49.0336 5068  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
16:21:49.0338 5068  Sym_u3 - ok
16:21:49.0379 5068  [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain         C:\Windows\system32\sysmain.dll
16:21:49.0401 5068  SysMain - ok
16:21:49.0451 5068  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:21:49.0458 5068  TabletInputService - ok
16:21:49.0536 5068  [ 9C574F1879936F5761F5322A5962E4F1 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:21:49.0542 5068  TapiSrv - ok
16:21:49.0568 5068  [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS             C:\Windows\System32\tbssvc.dll
16:21:49.0575 5068  TBS - ok
16:21:49.0633 5068  [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:21:49.0665 5068  Tcpip - ok
16:21:49.0689 5068  [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
16:21:49.0696 5068  Tcpip6 - ok
16:21:49.0729 5068  [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:21:49.0731 5068  tcpipreg - ok
16:21:49.0761 5068  [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:21:49.0763 5068  TDPIPE - ok
16:21:49.0795 5068  [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:21:49.0797 5068  TDTCP - ok
16:21:49.0817 5068  [ 7973F7239486800CD79E4FDBAB6A07DF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:21:49.0820 5068  tdx - ok
16:21:49.0949 5068  [ 0835A6C3C951A440AD03FB3DAB953D16 ] TeamViewer6     C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
16:21:49.0968 5068  TeamViewer6 - ok
16:21:49.0986 5068  [ CFE870506361BAC80A549749116AD870 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:21:49.0988 5068  TermDD - ok
16:21:50.0032 5068  [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService     C:\Windows\System32\termsrv.dll
16:21:50.0054 5068  TermService - ok
16:21:50.0113 5068  [ 8C80A73A5D77B2208CA91E4FA269981D ] TestHandler     C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
16:21:50.0116 5068  TestHandler - ok
16:21:50.0131 5068  [ B264DFA21677728613267FE63802B332 ] Themes          C:\Windows\system32\shsvcs.dll
16:21:50.0138 5068  Themes - ok
16:21:50.0149 5068  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER     C:\Windows\system32\mmcss.dll
16:21:50.0153 5068  THREADORDER - ok
16:21:50.0171 5068  [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks          C:\Windows\System32\trkwks.dll
16:21:50.0178 5068  TrkWks - ok
16:21:50.0237 5068  [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:50.0238 5068  TrustedInstaller - ok
16:21:50.0260 5068  [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:50.0262 5068  tssecsrv - ok
16:21:50.0328 5068  [ 82E6EBF3AA91C54B86F8A0C4A010BDBD ] TuneUp.Defrag   C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
16:21:50.0336 5068  TuneUp.Defrag - ok
16:21:50.0388 5068  [ D9230F155742E47EC7AD87FBCB070665 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
16:21:50.0421 5068  TuneUp.UtilitiesSvc - ok
16:21:50.0460 5068  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
16:21:50.0462 5068  TuneUpUtilitiesDrv - ok
16:21:50.0507 5068  [ 65E953BC0084D44498B51F59784D2A82 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
16:21:50.0509 5068  tunmp - ok
16:21:50.0520 5068  [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:21:50.0522 5068  tunnel - ok
16:21:50.0555 5068  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:21:50.0557 5068  uagp35 - ok
16:21:50.0580 5068  [ DEEA398A92952CCC421BA5B39662CABE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:21:50.0586 5068  udfs - ok
16:21:50.0631 5068  [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:21:50.0638 5068  UI0Detect - ok
16:21:50.0668 5068  [ 5895EF4D0F1424392EE6439250E25677 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:21:50.0670 5068  uliagpkx - ok
16:21:50.0701 5068  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
16:21:50.0706 5068  uliahci - ok
16:21:50.0729 5068  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
16:21:50.0732 5068  UlSata - ok
16:21:50.0760 5068  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
16:21:50.0764 5068  ulsata2 - ok
16:21:50.0787 5068  [ DC8828971D997DE009647FCE59E0CE8F ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:21:50.0789 5068  umbus - ok
16:21:50.0814 5068  [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost        C:\Windows\System32\upnphost.dll
16:21:50.0825 5068  upnphost - ok
16:21:50.0862 5068  [ 3F795D59734259A00D385FBD65191BF4 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:50.0866 5068  usbccgp - ok
16:21:50.0878 5068  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:21:50.0881 5068  usbcir - ok
16:21:50.0912 5068  [ 5555F6DF13A1A1C327D67E9DA7B99AEE ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:21:50.0914 5068  usbehci - ok
16:21:50.0929 5068  [ 8DABB8CB47E0736930CF6492AED361A6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:21:50.0934 5068  usbhub - ok
16:21:50.0959 5068  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:21:50.0961 5068  usbohci - ok
16:21:51.0000 5068  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:21:51.0002 5068  usbprint - ok
16:21:51.0060 5068  [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:21:51.0062 5068  usbscan - ok
16:21:51.0105 5068  [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:51.0107 5068  USBSTOR - ok
16:21:51.0136 5068  [ 718FDF0B0F16E1D3B992F95EADF1AF75 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:21:51.0137 5068  usbuhci - ok
16:21:51.0179 5068  [ 9392A75BB21F22391C28274DBCAAD410 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:21:51.0183 5068  usbvideo - ok
16:21:51.0226 5068  [ EF1DB5ED65199A8A75D06F965DF25F32 ] UxSms           C:\Windows\System32\uxsms.dll
16:21:51.0232 5068  UxSms - ok
16:21:51.0268 5068  [ E3EA22C677D1F808D833862422D09702 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
16:21:51.0275 5068  UxTuneUp - ok
16:21:51.0307 5068  [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds             C:\Windows\System32\vds.exe
16:21:51.0328 5068  vds - ok
16:21:51.0373 5068  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:51.0375 5068  vga - ok
16:21:51.0403 5068  [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:21:51.0406 5068  VgaSave - ok
16:21:51.0444 5068  [ 66E64D5CBEB047C90E65F0962483A5B2 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:21:51.0446 5068  viaagp - ok
16:21:51.0474 5068  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
16:21:51.0476 5068  ViaC7 - ok
16:21:51.0500 5068  [ 7100B56688C5D6D7695D18FD001F0CD6 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:21:51.0502 5068  viaide - ok
16:21:51.0527 5068  [ 7DC3E1DC6E4F8BE381C31BFEA578412A ] viamraid        C:\Windows\system32\drivers\viamraid.sys
16:21:51.0530 5068  viamraid - ok
16:21:51.0558 5068  [ CC8A64A532FD2844EE68F4061ED8A7FD ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:21:51.0561 5068  volmgr - ok
16:21:51.0576 5068  [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:21:51.0583 5068  volmgrx - ok
16:21:51.0603 5068  [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:21:51.0608 5068  volsnap - ok
16:21:51.0630 5068  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:21:51.0633 5068  vsmraid - ok
16:21:51.0692 5068  [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS             C:\Windows\system32\vssvc.exe
16:21:51.0729 5068  VSS - ok
16:21:51.0756 5068  [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time         C:\Windows\system32\w32time.dll
16:21:51.0767 5068  W32Time - ok
16:21:51.0796 5068  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:21:51.0798 5068  WacomPen - ok
16:21:51.0831 5068  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:21:51.0834 5068  Wanarp - ok
16:21:51.0844 5068  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:21:51.0847 5068  Wanarpv6 - ok
16:21:51.0868 5068  [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:21:51.0879 5068  wcncsvc - ok
16:21:51.0895 5068  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:51.0902 5068  WcsPlugInService - ok
16:21:51.0923 5068  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
16:21:51.0925 5068  Wd - ok
16:21:51.0954 5068  [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:21:51.0965 5068  Wdf01000 - ok
16:21:51.0983 5068  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:21:51.0989 5068  WdiServiceHost - ok
16:21:51.0994 5068  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:21:52.0001 5068  WdiSystemHost - ok
16:21:52.0025 5068  [ E6D41C3809FEE6473090F3200DF95680 ] WebClient       C:\Windows\System32\webclnt.dll
16:21:52.0032 5068  WebClient - ok
16:21:52.0052 5068  [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:21:52.0059 5068  Wecsvc - ok
16:21:52.0074 5068  [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:21:52.0082 5068  wercplsupport - ok
16:21:52.0095 5068  [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:21:52.0104 5068  WerSvc - ok
16:21:52.0152 5068  [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:21:52.0158 5068  WinDefend - ok
16:21:52.0172 5068  WinHttpAutoProxySvc - ok
16:21:52.0219 5068  [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:21:52.0223 5068  Winmgmt - ok
16:21:52.0254 5068  [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:21:52.0263 5068  WinRM - ok
16:21:52.0313 5068  [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:21:52.0322 5068  Wlansvc - ok
16:21:52.0349 5068  [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:21:52.0351 5068  WmiAcpi - ok
16:21:52.0385 5068  [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:21:52.0389 5068  wmiApSrv - ok
16:21:52.0466 5068  [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:21:52.0496 5068  WMPNetworkSvc - ok
16:21:52.0525 5068  [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:21:52.0535 5068  WPCSvc - ok
16:21:52.0555 5068  [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:21:52.0562 5068  WPDBusEnum - ok
16:21:52.0619 5068  [ 2D27171B16A577EF14C1273668753485 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
16:21:52.0621 5068  WpdUsb - ok
16:21:52.0655 5068  [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:21:52.0657 5068  ws2ifsl - ok
16:21:52.0678 5068  [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:21:52.0684 5068  wscsvc - ok
16:21:52.0689 5068  WSearch - ok
16:21:52.0768 5068  [ 6298277B73C77FA99106B271A7525163 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:21:52.0788 5068  wuauserv - ok
16:21:52.0812 5068  [ EE0974D4042DA9CF4C569AC4ECA8C9C0 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:52.0815 5068  WUDFRd - ok
16:21:52.0832 5068  [ BCBF4873ECC317A6FC950E36383FC082 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:21:52.0840 5068  wudfsvc - ok
16:21:52.0863 5068  ZTEusbmdm6k - ok
16:21:52.0884 5068  ZTEusbnmea - ok
16:21:52.0896 5068  ZTEusbser6k - ok
16:21:52.0910 5068  ================ Scan global ===============================
16:21:52.0947 5068  [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
16:21:52.0967 5068  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:21:53.0001 5068  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:21:53.0033 5068  [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
16:21:53.0043 5068  [Global] - ok
16:21:53.0047 5068  ================ Scan MBR ==================================
16:21:53.0060 5068  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:21:53.0443 5068  \Device\Harddisk0\DR0 - ok
16:21:53.0446 5068  ================ Scan VBR ==================================
16:21:53.0450 5068  [ 53111F4321985347925FED138DF74E93 ] \Device\Harddisk0\DR0\Partition1
16:21:53.0452 5068  \Device\Harddisk0\DR0\Partition1 - ok
16:21:53.0481 5068  [ AF75E230717B96EFE6AC65236F47CE46 ] \Device\Harddisk0\DR0\Partition2
16:21:53.0483 5068  \Device\Harddisk0\DR0\Partition2 - ok
16:21:53.0487 5068  ============================================================
16:21:53.0487 5068  Scan finished
16:21:53.0487 5068  ============================================================
16:21:53.0500 3216  Detected object count: 0
16:21:53.0500 3216  Actual detected object count: 0
16:22:31.0818 1380  ============================================================
16:22:31.0818 1380  Scan started
16:22:31.0818 1380  Mode: Manual; SigCheck; TDLFS; 
16:22:31.0818 1380  ============================================================
16:22:32.0058 1380  ================ Scan system memory ========================
16:22:32.0058 1380  System memory - ok
16:22:32.0059 1380  ================ Scan services =============================
16:22:32.0213 1380  [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI            C:\Windows\system32\drivers\acpi.sys
16:22:32.0359 1380  ACPI - ok
16:22:32.0448 1380  [ 3FD8DC2C9735C2AA70155102CFB93EDA ] AdobeActiveFileMonitor7.0 C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
16:22:32.0460 1380  AdobeActiveFileMonitor7.0 - ok
16:22:32.0570 1380  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:22:32.0589 1380  AdobeFlashPlayerUpdateSvc - ok
16:22:32.0637 1380  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:22:32.0664 1380  adp94xx - ok
16:22:32.0726 1380  [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:22:32.0741 1380  adpahci - ok
16:22:32.0778 1380  [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
16:22:32.0790 1380  adpu160m - ok
16:22:32.0820 1380  [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:22:32.0833 1380  adpu320 - ok
16:22:32.0864 1380  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:22:32.0971 1380  AeLookupSvc - ok
16:22:33.0019 1380  [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD             C:\Windows\system32\drivers\afd.sys
16:22:33.0087 1380  AFD - ok
16:22:33.0109 1380  [ 198636E76971EBC96404547EC0FD5E75 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:22:33.0123 1380  agp440 - ok
16:22:33.0149 1380  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
16:22:33.0160 1380  aic78xx - ok
16:22:33.0176 1380  [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG             C:\Windows\System32\alg.exe
16:22:33.0207 1380  ALG - ok
16:22:33.0237 1380  [ 0B3B337A68D9A75CC8D787DC98B53D79 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:22:33.0251 1380  aliide - ok
16:22:33.0279 1380  [ 2363ABC8989A14FD7247CA6F4E89D397 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:22:33.0290 1380  amdagp - ok
16:22:33.0315 1380  [ 468A204966D09F327A662C35F4B15DD3 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:22:33.0326 1380  amdide - ok
16:22:33.0354 1380  [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
16:22:33.0426 1380  AmdK7 - ok
16:22:33.0447 1380  [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:22:33.0519 1380  AmdK8 - ok
16:22:33.0554 1380  [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo         C:\Windows\System32\appinfo.dll
16:22:33.0616 1380  Appinfo - ok
16:22:33.0724 1380  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:22:33.0733 1380  Apple Mobile Device - ok
16:22:33.0755 1380  [ 5F673180268BB1FDB69C99B6619FE379 ] arc             C:\Windows\system32\drivers\arc.sys
16:22:33.0766 1380  arc - ok
16:22:33.0791 1380  [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:22:33.0806 1380  arcsas - ok
16:22:33.0841 1380  [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
16:22:33.0890 1380  aswFsBlk - ok
16:22:33.0941 1380  [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:22:33.0952 1380  aswMonFlt - ok
16:22:33.0972 1380  [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
16:22:33.0983 1380  aswRdr - ok
16:22:34.0092 1380  [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:22:34.0128 1380  aswSnx - ok
16:22:34.0179 1380  [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:22:34.0195 1380  aswSP - ok
16:22:34.0212 1380  [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
16:22:34.0222 1380  aswTdi - ok
16:22:34.0259 1380  [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:22:34.0331 1380  AsyncMac - ok
16:22:34.0374 1380  [ 0B77F93AB73798F97E8E0A0AA4CCBEEF ] atapi           C:\Windows\system32\drivers\atapi.sys
16:22:34.0385 1380  atapi - ok
16:22:34.0478 1380  [ ADFD93663D3BAE4FADC19AD1AE519EE4 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
16:22:34.0523 1380  Ati External Event Utility - ok
16:22:34.0669 1380  [ 389A2668E0C0C6698A6B565632C7F43A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:22:34.0858 1380  atikmdag - ok
16:22:34.0900 1380  [ 0B5302314A77100A930249F0BE9AB2D2 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:22:34.0958 1380  AudioEndpointBuilder - ok
16:22:34.0978 1380  [ 0B5302314A77100A930249F0BE9AB2D2 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:22:35.0000 1380  Audiosrv - ok
16:22:35.0112 1380  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:22:35.0131 1380  avast! Antivirus - ok
16:22:35.0157 1380  [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:22:35.0275 1380  Beep - ok
16:22:35.0310 1380  [ 96B73CC64BD905EA6CC4E44384ABD8C9 ] BFE             C:\Windows\System32\bfe.dll
16:22:35.0363 1380  BFE - ok
16:22:35.0425 1380  [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS            C:\Windows\System32\qmgr.dll
16:22:35.0492 1380  BITS - ok
16:22:35.0510 1380  blbdrive - ok
16:22:35.0583 1380  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:22:35.0614 1380  Bonjour Service - ok
16:22:35.0637 1380  [ 913CD06FBE9105CE6077E90FD4418561 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:22:35.0710 1380  bowser - ok
16:22:35.0728 1380  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
16:22:35.0873 1380  BrFiltLo - ok
16:22:35.0937 1380  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
16:22:36.0048 1380  BrFiltUp - ok
16:22:36.0082 1380  [ BEB6470532B7461D7BB426E3FACB424F ] Browser         C:\Windows\System32\browser.dll
16:22:36.0155 1380  Browser - ok
16:22:36.0209 1380  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
16:22:36.0292 1380  Brserid - ok
16:22:36.0310 1380  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
16:22:36.0398 1380  BrSerWdm - ok
16:22:36.0419 1380  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
16:22:36.0507 1380  BrUsbMdm - ok
16:22:36.0525 1380  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
16:22:36.0608 1380  BrUsbSer - ok
16:22:36.0627 1380  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:22:36.0711 1380  BTHMODEM - ok
16:22:36.0773 1380  [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:22:36.0864 1380  cdfs - ok
16:22:36.0900 1380  [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:22:36.0982 1380  cdrom - ok
16:22:37.0030 1380  [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:22:37.0092 1380  CertPropSvc - ok
16:22:37.0099 1380  [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:22:37.0156 1380  circlass - ok
16:22:37.0206 1380  [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS            C:\Windows\system32\CLFS.sys
16:22:37.0222 1380  CLFS - ok
16:22:37.0301 1380  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:22:37.0311 1380  clr_optimization_v2.0.50727_32 - ok
16:22:37.0345 1380  CLTNetCnService - ok
16:22:37.0373 1380  [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:22:37.0402 1380  CmBatt - ok
16:22:37.0430 1380  [ 2AC0C92B29EC21838F4CB46ADB26BCC0 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:22:37.0444 1380  cmdide - ok
16:22:37.0468 1380  [ 722936AFB75A7F509662B69B5632F48A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:22:37.0488 1380  Compbatt - ok
16:22:37.0499 1380  COMSysApp - ok
16:22:37.0511 1380  [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:22:37.0532 1380  crcdisk - ok
16:22:37.0554 1380  [ 22A7F883508176489F559EE745B5BF5D ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
16:22:37.0633 1380  Crusoe - ok
16:22:37.0686 1380  [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:22:37.0740 1380  CryptSvc - ok
16:22:37.0786 1380  [ B1BB45E24717A7F790B4411C4446EF5E ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:22:37.0817 1380  DcomLaunch - ok
16:22:37.0834 1380  [ A7179DE59AE269AB70345527894CCD7C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:22:37.0906 1380  DfsC - ok
16:22:37.0989 1380  [ E0D584AA76C7D845BA9F3A788260528F ] DFSR            C:\Windows\system32\DFSR.exe
16:22:38.0138 1380  DFSR - ok
16:22:38.0181 1380  [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
16:22:38.0212 1380  Dhcp - ok
16:22:38.0223 1380  [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk            C:\Windows\system32\drivers\disk.sys
16:22:38.0234 1380  disk - ok
16:22:38.0270 1380  [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:22:38.0285 1380  Dnscache - ok
16:22:38.0303 1380  [ 32A15AF277E287E5A3AAEC67EDDB258C ] dot3svc         C:\Windows\System32\dot3svc.dll
16:22:38.0332 1380  dot3svc - ok
16:22:38.0386 1380  [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
16:22:38.0476 1380  Dot4 - ok
16:22:38.0500 1380  [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:22:38.0579 1380  Dot4Print - ok
16:22:38.0598 1380  [ 599742C4260FB3E8EDB3BE148B8CE856 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
16:22:38.0668 1380  dot4usb - ok
16:22:38.0696 1380  [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS             C:\Windows\system32\dps.dll
16:22:38.0730 1380  DPS - ok
16:22:38.0764 1380  [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:22:38.0841 1380  drmkaud - ok
16:22:38.0877 1380  [ 2D13D9E98CAF6321F219B28921AF214C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:22:38.0932 1380  DXGKrnl - ok
16:22:38.0968 1380  [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
16:22:39.0040 1380  E1G60 - ok
16:22:39.0090 1380  [ 90A0A875642E18618010645311B4E89E ] EapHost         C:\Windows\System32\eapsvc.dll
16:22:39.0162 1380  EapHost - ok
16:22:39.0188 1380  [ 38573398F734B71B06CD2411494F234A ] Ecache          C:\Windows\system32\drivers\ecache.sys
16:22:39.0201 1380  Ecache - ok
16:22:39.0257 1380  [ 8EA277BDA2730C9B34ADD67CDD593D64 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:22:39.0289 1380  ehRecvr - ok
16:22:39.0309 1380  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
16:22:39.0325 1380  ehSched - ok
16:22:39.0341 1380  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
16:22:39.0355 1380  ehstart - ok
16:22:39.0399 1380  [ E8F3F21A71720C84BCF423B80028359F ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:22:39.0414 1380  elxstor - ok
16:22:39.0462 1380  [ 902CDDD9CD94AD1B4688D96FF8F2EDB8 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
16:22:39.0501 1380  EMDMgmt - ok
16:22:39.0558 1380  [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem     C:\Windows\system32\es.dll
16:22:39.0582 1380  EventSystem - ok
16:22:39.0588 1380  ewusbnet - ok
16:22:39.0618 1380  [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:22:39.0742 1380  fastfat - ok
16:22:39.0767 1380  [ 63BDADA84951B9C03E641800E176898A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:22:39.0874 1380  fdc - ok
16:22:39.0890 1380  [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:22:39.0956 1380  fdPHost - ok
16:22:40.0058 1380  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:22:40.0117 1380  FDResPub - ok
16:22:40.0134 1380  [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:22:40.0145 1380  FileInfo - ok
16:22:40.0195 1380  [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:22:40.0271 1380  Filetrace - ok
16:22:40.0339 1380  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:22:40.0405 1380  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
16:22:40.0405 1380  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
16:22:40.0448 1380  [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:22:40.0550 1380  flpydisk - ok
16:22:40.0605 1380  [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:22:40.0618 1380  FltMgr - ok
16:22:40.0720 1380  [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:22:40.0729 1380  FontCache3.0.0.0 - ok
16:22:40.0805 1380  [ 6A4125EDBE6D5907D4B1E4514F1F5675 ] FSCLBaseUpdaterService C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
16:22:40.0826 1380  FSCLBaseUpdaterService ( UnsignedFile.Multi.Generic ) - warning
16:22:40.0826 1380  FSCLBaseUpdaterService - detected UnsignedFile.Multi.Generic (1)
16:22:40.0946 1380  [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:22:40.0969 1380  Fs_Rec - ok
16:22:41.0120 1380  [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:22:41.0134 1380  gagp30kx - ok
16:22:41.0303 1380  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:22:41.0311 1380  GEARAspiWDM - ok
16:22:41.0379 1380  [ AD0C777CD05A4CA30100000AB9B3E30B ] gpsvc           C:\Windows\System32\gpsvc.dll
16:22:41.0410 1380  gpsvc - ok
16:22:41.0506 1380  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:22:41.0519 1380  gupdate - ok
16:22:41.0539 1380  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:22:41.0551 1380  gupdatem - ok
16:22:41.0588 1380  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:22:41.0603 1380  gusvc - ok
16:22:41.0649 1380  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:22:41.0742 1380  HdAudAddService - ok
16:22:41.0775 1380  [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:22:41.0806 1380  HDAudBus - ok
16:22:41.0828 1380  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:22:41.0893 1380  HidBth - ok
16:22:41.0912 1380  [ F24393C44FDFE2E5E9F416FD3BDF98E2 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:22:41.0925 1380  HidIr - ok
16:22:41.0946 1380  [ 8FA640195279ACE21BEA91396A0054FC ] hidserv         C:\Windows\system32\hidserv.dll
16:22:42.0007 1380  hidserv - ok
16:22:42.0019 1380  [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:22:42.0043 1380  HidUsb - ok
16:22:42.0070 1380  [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:22:42.0128 1380  hkmsvc - ok
16:22:42.0179 1380  [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
16:22:42.0189 1380  HpCISSs - ok
16:22:42.0308 1380  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:22:42.0333 1380  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:22:42.0333 1380  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:22:42.0366 1380  [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:22:42.0375 1380  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:22:42.0375 1380  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:22:42.0411 1380  [ 6F9CB6539A1B2508BD1C53D29334431A ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:22:42.0462 1380  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:22:42.0462 1380  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:22:42.0493 1380  [ 481B86E8939289F77FBCEA1B24CEC687 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:22:42.0523 1380  HTTP - ok
16:22:42.0536 1380  hwdatacard - ok
16:22:42.0548 1380  hwusbdev - ok
16:22:42.0592 1380  [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
16:22:42.0603 1380  i2omp - ok
16:22:42.0618 1380  [ BEA9838CD25D36BEBA3F94386A761D60 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:22:42.0632 1380  i8042prt - ok
16:22:42.0679 1380  [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:22:42.0692 1380  iaStor - ok
16:22:42.0717 1380  [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
16:22:42.0731 1380  iaStorV - ok
16:22:42.0808 1380  [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:22:42.0871 1380  idsvc - ok
16:22:42.0890 1380  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:22:42.0903 1380  iirsp - ok
16:22:42.0951 1380  [ 4456E314E60177B03E5CBE64CD6A337E ] IKEEXT          C:\Windows\System32\ikeext.dll
16:22:43.0007 1380  IKEEXT - ok
16:22:43.0127 1380  [ 4FA59A84069D9D0991BAE34CC4AFF99C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:22:43.0253 1380  IntcAzAudAddService - ok
16:22:43.0275 1380  [ 4A6B4C4FAB7716C869FA9D19AC8CA5A5 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:22:43.0295 1380  intelide - ok
16:22:43.0320 1380  [ CE44CC04262F28216DD4341E9E36A16F ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:22:43.0437 1380  intelppm - ok
16:22:43.0568 1380  [ A6D67306A3E9E526A8AEFEB9680A90EA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:22:43.0584 1380  IPBusEnum - ok
16:22:43.0601 1380  [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:22:43.0675 1380  IpFilterDriver - ok
16:22:43.0709 1380  [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:22:43.0735 1380  iphlpsvc - ok
16:22:43.0740 1380  IpInIp - ok
16:22:43.0765 1380  [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
16:22:43.0849 1380  IPMIDRV - ok
16:22:43.0924 1380  [ 10077C35845101548037DF04FD1A420B ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
16:22:43.0993 1380  IPNAT - ok
16:22:44.0091 1380  [ 49918803B661367023BF325CF602AFDC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:22:44.0126 1380  iPod Service - ok
16:22:44.0175 1380  [ A82F328F4792304184642D6D397BB1E3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:22:44.0297 1380  IRENUM - ok
16:22:44.0323 1380  [ CE2997A0C3B0049A3188C4F0C7A04BC9 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:22:44.0346 1380  isapnp - ok
16:22:44.0379 1380  [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:22:44.0403 1380  iScsiPrt - ok
16:22:44.0427 1380  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
16:22:44.0447 1380  iteatapi - ok
16:22:44.0480 1380  [ E4B04A0D8B237ECF026D849439F1BCCE ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
16:22:44.0520 1380  itecir - ok
16:22:44.0541 1380  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
16:22:44.0561 1380  iteraid - ok
16:22:44.0584 1380  [ C1632FE31D1824A43DEA29725312E3FA ] JRAID           C:\Windows\system32\drivers\jraid.sys
16:22:44.0611 1380  JRAID - ok
16:22:44.0632 1380  [ C9B0CF786D5F151A43C7BE8E243F2819 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:22:44.0654 1380  kbdclass - ok
16:22:44.0671 1380  [ 97AB2FB84E8E77D93CEE85550F4CF7F9 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:22:44.0697 1380  kbdhid - ok
16:22:44.0734 1380  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] KeyIso          C:\Windows\system32\lsass.exe
16:22:44.0769 1380  KeyIso - ok
16:22:44.0810 1380  [ B6FAC1FF7D4A05C06DA9E53DBF5E9E7A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:22:44.0855 1380  KSecDD - ok
16:22:44.0908 1380  [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:22:45.0036 1380  KtmRm - ok
16:22:45.0235 1380  [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:22:45.0376 1380  LanmanServer - ok
16:22:45.0436 1380  [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:22:45.0470 1380  LanmanWorkstation - ok
16:22:45.0523 1380  [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:22:45.0594 1380  lltdio - ok
16:22:45.0643 1380  [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:22:45.0728 1380  lltdsvc - ok
16:22:45.0749 1380  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:22:45.0830 1380  lmhosts - ok
16:22:45.0852 1380  [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:22:45.0867 1380  LSI_FC - ok
16:22:45.0908 1380  [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:22:45.0919 1380  LSI_SAS - ok
16:22:45.0962 1380  [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:22:45.0973 1380  LSI_SCSI - ok
16:22:45.0997 1380  [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:22:46.0050 1380  luafv - ok
16:22:46.0192 1380  [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:22:46.0203 1380  MBAMProtector - ok
16:22:46.0534 1380  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:22:46.0565 1380  MBAMScheduler - ok
16:22:46.0626 1380  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:22:46.0671 1380  MBAMService - ok
16:22:46.0750 1380  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
16:22:46.0773 1380  McComponentHostService - ok
16:22:46.0832 1380  [ BF8426A8E3F3856389E26E94A8F1B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:22:46.0900 1380  Mcx2Svc - ok
16:22:46.0949 1380  [ D153B14FC6598EAE8422A2037553ADCE ] megasas         C:\Windows\system32\drivers\megasas.sys
16:22:46.0969 1380  megasas - ok
16:22:46.0993 1380  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS           C:\Windows\system32\mmcss.dll
16:22:47.0139 1380  MMCSS - ok
16:22:47.0167 1380  [ 21755967298A46FB6ADFEC9DB6012211 ] Modem           C:\Windows\system32\drivers\modem.sys
16:22:47.0219 1380  Modem - ok
16:22:47.0256 1380  [ EE05F7A5E2CEFB275B08F3E3FCC2A8EB ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:22:47.0285 1380  monitor - ok
16:22:47.0291 1380  [ 4A00B3CF90AD075193CA5AEECE71154C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:22:47.0302 1380  mouclass - ok
16:22:47.0319 1380  [ 8D9B701D716843C39E93B3432CB721FC ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:22:47.0333 1380  mouhid - ok
16:22:47.0378 1380  [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:22:47.0388 1380  MountMgr - ok
16:22:47.0474 1380  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:22:47.0485 1380  MozillaMaintenance - ok
16:22:47.0518 1380  [ 583A41F26278D9E0EA548163D6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:22:47.0529 1380  mpio - ok
16:22:47.0547 1380  [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:22:47.0578 1380  mpsdrv - ok
16:22:47.0605 1380  [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:22:47.0661 1380  MpsSvc - ok
16:22:47.0683 1380  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:22:47.0693 1380  Mraid35x - ok
16:22:47.0715 1380  [ 08F0C494A69CF3106EE7FFC48D8E5AC7 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:22:47.0731 1380  MRxDAV - ok
16:22:47.0769 1380  [ BBB0D31B477CFF3B4F737ED0367F635F ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:22:47.0804 1380  mrxsmb - ok
16:22:47.0828 1380  [ A6130566AC4178473B5DAC8F8F74407D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:22:47.0859 1380  mrxsmb10 - ok
16:22:47.0885 1380  [ 3D475E770D3AB2D0C5E3E1386871F9DA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:22:47.0913 1380  mrxsmb20 - ok
16:22:47.0942 1380  [ 13FA01D10C95762E3E191BB023DFA8CC ] msahci          C:\Windows\system32\drivers\msahci.sys
16:22:47.0956 1380  msahci - ok
16:22:47.0980 1380  [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:22:47.0996 1380  msdsm - ok
16:22:48.0034 1380  [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC           C:\Windows\System32\msdtc.exe
16:22:48.0056 1380  MSDTC - ok
16:22:48.0080 1380  [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:22:48.0162 1380  Msfs - ok
16:22:48.0182 1380  [ 0A64168B63535520ADFD6B959695404A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:22:48.0196 1380  msisadrv - ok
16:22:48.0237 1380  [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:22:48.0332 1380  MSiSCSI - ok
16:22:48.0337 1380  msiserver - ok
16:22:48.0398 1380  [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:22:48.0464 1380  MSKSSRV - ok
16:22:48.0480 1380  [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:22:48.0539 1380  MSPCLOCK - ok
16:22:48.0554 1380  [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:22:48.0607 1380  MSPQM - ok
16:22:48.0637 1380  [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:22:48.0649 1380  MsRPC - ok
16:22:48.0686 1380  [ E09CEDB1BCA303B7F6AE22F512E56969 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:22:48.0697 1380  mssmbios - ok
16:22:48.0714 1380  [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:22:48.0776 1380  MSTEE - ok
16:22:48.0795 1380  [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:22:48.0805 1380  Mup - ok
16:22:48.0837 1380  [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent        C:\Windows\system32\qagentRT.dll
16:22:48.0897 1380  napagent - ok
16:22:48.0942 1380  [ BE8C26E61BE5C5A49A6BABD17AEED1B7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:22:48.0964 1380  NativeWifiP - ok
16:22:49.0025 1380  [ 6E8DFFACE597629CEF5DF7D69217628F ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:22:49.0047 1380  NDIS - ok
16:22:49.0072 1380  [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:22:49.0090 1380  NdisTapi - ok
16:22:49.0107 1380  [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:22:49.0185 1380  Ndisuio - ok
16:22:49.0210 1380  [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:22:49.0278 1380  NdisWan - ok
16:22:49.0290 1380  [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:22:49.0315 1380  NDProxy - ok
16:22:49.0360 1380  [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:22:49.0379 1380  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:22:49.0380 1380  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:22:49.0385 1380  [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:22:49.0438 1380  NetBIOS - ok
16:22:49.0461 1380  [ 231F6CCFDB7A604221F18FB0852C8560 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:22:49.0478 1380  netbt - ok
16:22:49.0485 1380  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] Netlogon        C:\Windows\system32\lsass.exe
16:22:49.0501 1380  Netlogon - ok
16:22:49.0544 1380  [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman          C:\Windows\System32\netman.dll
16:22:49.0621 1380  Netman - ok
16:22:49.0663 1380  [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm        C:\Windows\System32\netprofm.dll
16:22:49.0734 1380  netprofm - ok
16:22:49.0791 1380  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:22:49.0802 1380  NetTcpPortSharing - ok
16:22:49.0880 1380  [ A15F219208843A5A210C8CB391384453 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
16:22:50.0001 1380  NETw3v32 - ok
         

Alt 24.09.2012, 21:06   #20
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Code:
ATTFilter
 16:22:50.0106 1380  [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32        C:\Windows\system32\DRIVERS\NETw4v32.sys
16:22:50.0218 1380  NETw4v32 - ok
16:22:50.0243 1380  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:22:50.0257 1380  nfrd960 - ok
16:22:50.0291 1380  [ C424117A562F2DE37A42266894C79AEB ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:22:50.0348 1380  NlaSvc - ok
16:22:50.0423 1380  [ 7B273501C59D52978B761F82BEBADB06 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
16:22:50.0435 1380  NMIndexingService - ok
16:22:50.0448 1380  [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:22:50.0510 1380  Npfs - ok
16:22:50.0530 1380  [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi             C:\Windows\system32\nsisvc.dll
16:22:50.0586 1380  nsi - ok
16:22:50.0603 1380  [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:22:50.0659 1380  nsiproxy - ok
16:22:50.0737 1380  [ F08824715CA6076F5E73E005AB83B9C8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:22:50.0801 1380  Ntfs - ok
16:22:50.0840 1380  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
16:22:50.0948 1380  ntrigdigi - ok
16:22:50.0978 1380  [ EC5EFB3C60F1B624648344A328BCE596 ] Null            C:\Windows\system32\drivers\Null.sys
16:22:51.0042 1380  Null - ok
16:22:51.0049 1380  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:22:51.0060 1380  nvraid - ok
16:22:51.0088 1380  [ ED399014A8029DE02BA5AE01DA8CC9EE ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
16:22:51.0099 1380  nvrd32 - ok
16:22:51.0113 1380  [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:22:51.0125 1380  nvstor - ok
16:22:51.0161 1380  [ 703E3A7093B0FAC0EEBADBB8E931ECAF ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
16:22:51.0170 1380  nvstor32 - ok
16:22:51.0199 1380  [ 925EB9E53ECA4473A2D156A02B7418E3 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:22:51.0212 1380  nv_agp - ok
16:22:51.0217 1380  NwlnkFlt - ok
16:22:51.0224 1380  NwlnkFwd - ok
16:22:51.0322 1380  [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:22:51.0347 1380  odserv - ok
16:22:51.0373 1380  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:22:51.0495 1380  ohci1394 - ok
16:22:51.0534 1380  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:22:51.0567 1380  ose - ok
16:22:51.0609 1380  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc        C:\Windows\system32\p2psvc.dll
16:22:51.0640 1380  p2pimsvc - ok
16:22:51.0664 1380  [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc          C:\Windows\system32\p2psvc.dll
16:22:51.0694 1380  p2psvc - ok
16:22:51.0720 1380  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
16:22:51.0789 1380  Parport - ok
16:22:51.0873 1380  [ 555A5B2C8022983BC7467BC925B222EE ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:22:51.0884 1380  partmgr - ok
16:22:51.0927 1380  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
16:22:51.0981 1380  Parvdm - ok
16:22:52.0004 1380  [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:22:52.0039 1380  PcaSvc - ok
16:22:52.0073 1380  [ A48C4D0ACC933F7A37E52AB0761811AD ] pci             C:\Windows\system32\drivers\pci.sys
16:22:52.0086 1380  pci - ok
16:22:52.0120 1380  [ 353968946BCB766F6C5C01717686B382 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:22:52.0131 1380  pciide - ok
16:22:52.0174 1380  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:22:52.0187 1380  pcmcia - ok
16:22:52.0234 1380  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:22:52.0348 1380  PEAUTH - ok
16:22:52.0431 1380  [ CD05A38D166BEADE18030BAFC0C0A939 ] pla             C:\Windows\system32\pla.dll
16:22:52.0575 1380  pla - ok
16:22:52.0607 1380  [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:22:52.0629 1380  PlugPlay - ok
16:22:52.0666 1380  [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:22:52.0674 1380  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:22:52.0674 1380  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:22:52.0710 1380  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:22:52.0740 1380  PNRPAutoReg - ok
16:22:52.0800 1380  [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc         C:\Windows\system32\p2psvc.dll
16:22:52.0837 1380  PNRPsvc - ok
16:22:52.0863 1380  [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:22:52.0920 1380  PolicyAgent - ok
16:22:52.0961 1380  [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:22:52.0994 1380  PptpMiniport - ok
16:22:53.0022 1380  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
16:22:53.0112 1380  Processor - ok
16:22:53.0148 1380  [ 8B8E8F4734C5C576E3B910DB73756CF1 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:22:53.0183 1380  ProfSvc - ok
16:22:53.0201 1380  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:22:53.0218 1380  ProtectedStorage - ok
16:22:53.0229 1380  [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:22:53.0243 1380  PSched - ok
16:22:53.0253 1380  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
16:22:53.0262 1380  PxHelp20 - ok
16:22:53.0298 1380  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:22:53.0343 1380  ql2300 - ok
16:22:53.0364 1380  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:22:53.0376 1380  ql40xx - ok
16:22:53.0398 1380  [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE           C:\Windows\system32\qwave.dll
16:22:53.0430 1380  QWAVE - ok
16:22:53.0443 1380  [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:22:53.0469 1380  QWAVEdrv - ok
16:22:53.0488 1380  [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:22:53.0541 1380  RasAcd - ok
16:22:53.0555 1380  [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto         C:\Windows\System32\rasauto.dll
16:22:53.0627 1380  RasAuto - ok
16:22:53.0646 1380  [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:22:53.0690 1380  Rasl2tp - ok
16:22:53.0715 1380  [ 6A43A313B384CA0B1ACCBA47EE504764 ] RasMan          C:\Windows\System32\rasmans.dll
16:22:53.0735 1380  RasMan - ok
16:22:53.0749 1380  [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:22:53.0803 1380  RasPppoe - ok
16:22:53.0828 1380  [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:22:53.0884 1380  rdbss - ok
16:22:53.0897 1380  [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:22:53.0952 1380  RDPCDD - ok
16:22:53.0981 1380  [ 87EE019FE9FBFF071D76CCF9EC794646 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
16:22:54.0013 1380  rdpdr - ok
16:22:54.0018 1380  [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:22:54.0070 1380  RDPENCDD - ok
16:22:54.0094 1380  [ E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:22:54.0122 1380  RDPWD - ok
16:22:54.0140 1380  [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:22:54.0195 1380  RemoteAccess - ok
16:22:54.0226 1380  [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:22:54.0283 1380  RemoteRegistry - ok
16:22:54.0346 1380  [ C1C132455200AD4704142442C89D0FA4 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:22:54.0354 1380  RichVideo ( UnsignedFile.Multi.Generic ) - warning
16:22:54.0354 1380  RichVideo - detected UnsignedFile.Multi.Generic (1)
16:22:54.0382 1380  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
16:22:54.0414 1380  RpcLocator - ok
16:22:54.0442 1380  [ B1BB45E24717A7F790B4411C4446EF5E ] RpcSs           C:\Windows\system32\rpcss.dll
16:22:54.0471 1380  RpcSs - ok
16:22:54.0509 1380  [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:22:54.0564 1380  rspndr - ok
16:22:54.0604 1380  [ 904FD29EC1FF2709099AE2CD1C09A913 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
16:22:54.0643 1380  RTL8169 - ok
16:22:54.0659 1380  [ D09A5DA84B7C9CA9B02EBCD7FAE41C8D ] SamSs           C:\Windows\system32\lsass.exe
16:22:54.0677 1380  SamSs - ok
16:22:54.0698 1380  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:22:54.0710 1380  sbp2port - ok
16:22:54.0763 1380  [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:22:54.0840 1380  SCardSvr - ok
16:22:54.0873 1380  [ BF17DA9F25A4F84C2577AC13EE126CB7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:22:54.0904 1380  Schedule - ok
16:22:54.0921 1380  [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:22:54.0976 1380  SCPolicySvc - ok
16:22:54.0983 1380  [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:22:55.0001 1380  SDRSVC - ok
16:22:55.0025 1380  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:22:55.0096 1380  secdrv - ok
16:22:55.0122 1380  [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon        C:\Windows\system32\seclogon.dll
16:22:55.0185 1380  seclogon - ok
16:22:55.0196 1380  [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS            C:\Windows\System32\sens.dll
16:22:55.0267 1380  SENS - ok
16:22:55.0283 1380  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:22:55.0349 1380  Serenum - ok
16:22:55.0376 1380  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
16:22:55.0431 1380  Serial - ok
16:22:55.0447 1380  [ 2BAF2ABC0DA0D50EBE8289C720977052 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:22:55.0478 1380  sermouse - ok
16:22:55.0506 1380  [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:22:55.0571 1380  SessionEnv - ok
16:22:55.0577 1380  [ 55B145D4248012D306DA8E92FA9FDC20 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:22:55.0591 1380  sffdisk - ok
16:22:55.0599 1380  [ B86DFCD55294A0495571A27B861E6EF3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:22:55.0618 1380  sffp_mmc - ok
16:22:55.0631 1380  [ 5B327B59FAE2B01C34690D91ED03786E ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:22:55.0652 1380  sffp_sd - ok
16:22:55.0659 1380  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:22:55.0713 1380  sfloppy - ok
16:22:55.0749 1380  [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:22:55.0768 1380  SharedAccess - ok
16:22:55.0820 1380  [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:22:55.0861 1380  ShellHWDetection - ok
16:22:55.0891 1380  [ E5773C4CFF310D00A59DB01EF4074135 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:22:55.0902 1380  sisagp - ok
16:22:55.0922 1380  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:22:55.0932 1380  SiSRaid2 - ok
16:22:55.0959 1380  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:22:55.0970 1380  SiSRaid4 - ok
16:22:56.0035 1380  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
16:22:56.0045 1380  SkypeUpdate - ok
16:22:56.0141 1380  [ A1DCD30534835CB67733AD00175125A6 ] slsvc           C:\Windows\system32\SLsvc.exe
16:22:56.0269 1380  slsvc - ok
16:22:56.0299 1380  [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
16:22:56.0317 1380  SLUINotify - ok
16:22:56.0326 1380  [ 46BAF398809A0F3B2D3300A1760E4B91 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:22:56.0351 1380  Smb - ok
16:22:56.0397 1380  [ C8A58FC905C9184FA70E37F71060C64D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
16:22:56.0505 1380  smserial - ok
16:22:56.0521 1380  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:22:56.0557 1380  SNMPTRAP - ok
16:22:56.0579 1380  [ 426F9B029AA9162CECCF65369457D046 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:22:56.0589 1380  spldr - ok
16:22:56.0613 1380  [ DA612EF2556776DF2630B68BF2D48935 ] Spooler         C:\Windows\System32\spoolsv.exe
16:22:56.0633 1380  Spooler - ok
16:22:56.0664 1380  [ 081BE0D7A95AF38D2AA238AFCFC103AA ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:22:56.0712 1380  srv - ok
16:22:56.0769 1380  [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:22:56.0800 1380  srv2 - ok
16:22:56.0808 1380  [ 3D2CA9F958FB6E28447DA61F65B9DEBA ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:22:56.0837 1380  srvnet - ok
16:22:56.0857 1380  [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:22:56.0916 1380  SSDPSRV - ok
16:22:56.0974 1380  [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus         C:\Windows\system32\DRIVERS\ssm_bus.sys
16:22:57.0003 1380  ssm_bus - ok
16:22:57.0031 1380  [ 7A95B5DEB594616F1693486B8161411E ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:22:57.0083 1380  StillCam - ok
16:22:57.0129 1380  [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc          C:\Windows\System32\wiaservc.dll
16:22:57.0159 1380  stisvc - ok
16:22:57.0187 1380  [ 9C539AAFFB0B6D7BCE984C74317FF29F ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:22:57.0201 1380  swenum - ok
16:22:57.0214 1380  [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv           C:\Windows\System32\swprv.dll
16:22:57.0303 1380  swprv - ok
16:22:57.0329 1380  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:22:57.0343 1380  Symc8xx - ok
16:22:57.0377 1380  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
16:22:57.0391 1380  Sym_hi - ok
16:22:57.0417 1380  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
16:22:57.0431 1380  Sym_u3 - ok
16:22:57.0461 1380  [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain         C:\Windows\system32\sysmain.dll
16:22:57.0496 1380  SysMain - ok
16:22:57.0521 1380  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:22:57.0559 1380  TabletInputService - ok
16:22:57.0583 1380  [ 9C574F1879936F5761F5322A5962E4F1 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:22:57.0611 1380  TapiSrv - ok
16:22:57.0635 1380  [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS             C:\Windows\System32\tbssvc.dll
16:22:57.0701 1380  TBS - ok
16:22:57.0748 1380  [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:22:57.0779 1380  Tcpip - ok
16:22:57.0825 1380  [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
16:22:57.0857 1380  Tcpip6 - ok
16:22:57.0889 1380  [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:22:57.0949 1380  tcpipreg - ok
16:22:57.0976 1380  [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:22:58.0029 1380  TDPIPE - ok
16:22:58.0055 1380  [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:22:58.0121 1380  TDTCP - ok
16:22:58.0143 1380  [ 7973F7239486800CD79E4FDBAB6A07DF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:22:58.0157 1380  tdx - ok
16:22:58.0275 1380  [ 0835A6C3C951A440AD03FB3DAB953D16 ] TeamViewer6     C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
16:22:58.0382 1380  TeamViewer6 - ok
16:22:58.0412 1380  [ CFE870506361BAC80A549749116AD870 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:22:58.0427 1380  TermDD - ok
16:22:58.0469 1380  [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService     C:\Windows\System32\termsrv.dll
16:22:58.0535 1380  TermService - ok
16:22:58.0595 1380  [ 8C80A73A5D77B2208CA91E4FA269981D ] TestHandler     C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
16:22:58.0603 1380  TestHandler ( UnsignedFile.Multi.Generic ) - warning
16:22:58.0603 1380  TestHandler - detected UnsignedFile.Multi.Generic (1)
16:22:58.0625 1380  [ B264DFA21677728613267FE63802B332 ] Themes          C:\Windows\system32\shsvcs.dll
16:22:58.0648 1380  Themes - ok
16:22:58.0664 1380  [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER     C:\Windows\system32\mmcss.dll
16:22:58.0739 1380  THREADORDER - ok
16:22:58.0764 1380  [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks          C:\Windows\System32\trkwks.dll
16:22:58.0858 1380  TrkWks - ok
16:22:58.0942 1380  [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:22:58.0963 1380  TrustedInstaller - ok
16:22:58.0987 1380  [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:22:59.0040 1380  tssecsrv - ok
16:22:59.0099 1380  [ 82E6EBF3AA91C54B86F8A0C4A010BDBD ] TuneUp.Defrag   C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
16:22:59.0118 1380  TuneUp.Defrag - ok
16:22:59.0192 1380  [ D9230F155742E47EC7AD87FBCB070665 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
16:22:59.0227 1380  TuneUp.UtilitiesSvc - ok
16:22:59.0254 1380  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
16:22:59.0262 1380  TuneUpUtilitiesDrv - ok
16:22:59.0312 1380  [ 65E953BC0084D44498B51F59784D2A82 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
16:22:59.0331 1380  tunmp - ok
16:22:59.0339 1380  [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:22:59.0375 1380  tunnel - ok
16:22:59.0404 1380  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:22:59.0418 1380  uagp35 - ok
16:22:59.0452 1380  [ DEEA398A92952CCC421BA5B39662CABE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:22:59.0490 1380  udfs - ok
16:22:59.0524 1380  [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:22:59.0548 1380  UI0Detect - ok
16:22:59.0572 1380  [ 5895EF4D0F1424392EE6439250E25677 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:22:59.0584 1380  uliagpkx - ok
16:22:59.0605 1380  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
16:22:59.0619 1380  uliahci - ok
16:22:59.0645 1380  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
16:22:59.0656 1380  UlSata - ok
16:22:59.0676 1380  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
16:22:59.0688 1380  ulsata2 - ok
16:22:59.0703 1380  [ DC8828971D997DE009647FCE59E0CE8F ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:22:59.0718 1380  umbus - ok
16:22:59.0741 1380  [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost        C:\Windows\System32\upnphost.dll
16:22:59.0807 1380  upnphost - ok
16:22:59.0867 1380  [ 3F795D59734259A00D385FBD65191BF4 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:22:59.0901 1380  usbccgp - ok
16:22:59.0950 1380  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:23:00.0044 1380  usbcir - ok
16:23:00.0072 1380  [ 5555F6DF13A1A1C327D67E9DA7B99AEE ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:23:00.0091 1380  usbehci - ok
16:23:00.0134 1380  [ 8DABB8CB47E0736930CF6492AED361A6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:23:00.0155 1380  usbhub - ok
16:23:00.0186 1380  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:23:00.0256 1380  usbohci - ok
16:23:00.0283 1380  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:23:00.0372 1380  usbprint - ok
16:23:00.0410 1380  [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:23:00.0493 1380  usbscan - ok
16:23:00.0521 1380  [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:23:00.0540 1380  USBSTOR - ok
16:23:00.0574 1380  [ 718FDF0B0F16E1D3B992F95EADF1AF75 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:23:00.0592 1380  usbuhci - ok
16:23:00.0629 1380  [ 9392A75BB21F22391C28274DBCAAD410 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:23:00.0670 1380  usbvideo - ok
16:23:00.0698 1380  [ EF1DB5ED65199A8A75D06F965DF25F32 ] UxSms           C:\Windows\System32\uxsms.dll
16:23:00.0723 1380  UxSms - ok
16:23:00.0751 1380  [ E3EA22C677D1F808D833862422D09702 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
16:23:00.0767 1380  UxTuneUp - ok
16:23:00.0791 1380  [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds             C:\Windows\System32\vds.exe
16:23:00.0849 1380  vds - ok
16:23:00.0901 1380  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:23:00.0973 1380  vga - ok
16:23:00.0998 1380  [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:23:01.0069 1380  VgaSave - ok
16:23:01.0105 1380  [ 66E64D5CBEB047C90E65F0962483A5B2 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:23:01.0121 1380  viaagp - ok
16:23:01.0146 1380  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
16:23:01.0209 1380  ViaC7 - ok
16:23:01.0228 1380  [ 7100B56688C5D6D7695D18FD001F0CD6 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:23:01.0239 1380  viaide - ok
16:23:01.0277 1380  [ 7DC3E1DC6E4F8BE381C31BFEA578412A ] viamraid        C:\Windows\system32\drivers\viamraid.sys
16:23:01.0290 1380  viamraid - ok
16:23:01.0309 1380  [ CC8A64A532FD2844EE68F4061ED8A7FD ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:23:01.0320 1380  volmgr - ok
16:23:01.0330 1380  [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:23:01.0346 1380  volmgrx - ok
16:23:01.0364 1380  [ 11EF6C1CAEF76B685233450A126125D6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:23:01.0378 1380  volsnap - ok
16:23:01.0389 1380  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:23:01.0401 1380  vsmraid - ok
16:23:01.0454 1380  [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS             C:\Windows\system32\vssvc.exe
16:23:01.0520 1380  VSS - ok
16:23:01.0551 1380  [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time         C:\Windows\system32\w32time.dll
16:23:01.0612 1380  W32Time - ok
16:23:01.0635 1380  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:23:01.0705 1380  WacomPen - ok
16:23:01.0726 1380  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:23:01.0740 1380  Wanarp - ok
16:23:01.0746 1380  [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:23:01.0760 1380  Wanarpv6 - ok
16:23:01.0785 1380  [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:23:01.0817 1380  wcncsvc - ok
16:23:01.0834 1380  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:23:01.0892 1380  WcsPlugInService - ok
16:23:01.0907 1380  [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd              C:\Windows\system32\drivers\wd.sys
16:23:01.0917 1380  Wd - ok
16:23:01.0971 1380  [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:23:01.0994 1380  Wdf01000 - ok
16:23:02.0033 1380  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:23:02.0054 1380  WdiServiceHost - ok
16:23:02.0059 1380  [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:23:02.0082 1380  WdiSystemHost - ok
16:23:02.0110 1380  [ E6D41C3809FEE6473090F3200DF95680 ] WebClient       C:\Windows\System32\webclnt.dll
16:23:02.0131 1380  WebClient - ok
16:23:02.0147 1380  [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:23:02.0206 1380  Wecsvc - ok
16:23:02.0225 1380  [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:23:02.0297 1380  wercplsupport - ok
16:23:02.0313 1380  [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:23:02.0384 1380  WerSvc - ok
16:23:02.0437 1380  [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:23:02.0453 1380  WinDefend - ok
16:23:02.0462 1380  WinHttpAutoProxySvc - ok
16:23:02.0503 1380  [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:23:02.0566 1380  Winmgmt - ok
16:23:02.0594 1380  [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:23:02.0682 1380  WinRM - ok
16:23:02.0732 1380  [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:23:02.0770 1380  Wlansvc - ok
16:23:02.0811 1380  [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:23:02.0848 1380  WmiAcpi - ok
16:23:02.0861 1380  [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:23:02.0882 1380  wmiApSrv - ok
16:23:02.0960 1380  [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:23:03.0049 1380  WMPNetworkSvc - ok
16:23:03.0088 1380  [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:23:03.0163 1380  WPCSvc - ok
16:23:03.0184 1380  [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:23:03.0212 1380  WPDBusEnum - ok
16:23:03.0259 1380  [ 2D27171B16A577EF14C1273668753485 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
16:23:03.0313 1380  WpdUsb - ok
16:23:03.0340 1380  [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:23:03.0394 1380  ws2ifsl - ok
16:23:03.0418 1380  [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:23:03.0455 1380  wscsvc - ok
16:23:03.0461 1380  WSearch - ok
16:23:03.0542 1380  [ 6298277B73C77FA99106B271A7525163 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:23:03.0663 1380  wuauserv - ok
16:23:03.0686 1380  [ EE0974D4042DA9CF4C569AC4ECA8C9C0 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:23:03.0718 1380  WUDFRd - ok
16:23:03.0739 1380  [ BCBF4873ECC317A6FC950E36383FC082 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:23:03.0782 1380  wudfsvc - ok
16:23:03.0799 1380  ZTEusbmdm6k - ok
16:23:03.0831 1380  ZTEusbnmea - ok
16:23:03.0844 1380  ZTEusbser6k - ok
16:23:03.0864 1380  ================ Scan global ===============================
16:23:03.0888 1380  [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
16:23:03.0908 1380  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:23:03.0942 1380  [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
16:23:03.0985 1380  [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
16:23:03.0991 1380  [Global] - ok
16:23:03.0992 1380  ================ Scan MBR ==================================
16:23:04.0012 1380  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:23:04.0623 1380  \Device\Harddisk0\DR0 - ok
16:23:04.0624 1380  ================ Scan VBR ==================================
16:23:04.0627 1380  [ 53111F4321985347925FED138DF74E93 ] \Device\Harddisk0\DR0\Partition1
16:23:04.0629 1380  \Device\Harddisk0\DR0\Partition1 - ok
16:23:04.0656 1380  [ AF75E230717B96EFE6AC65236F47CE46 ] \Device\Harddisk0\DR0\Partition2
16:23:04.0658 1380  \Device\Harddisk0\DR0\Partition2 - ok
16:23:04.0658 1380  ============================================================
16:23:04.0658 1380  Scan finished
16:23:04.0658 1380  ============================================================
16:23:04.0670 2240  Detected object count: 9
16:23:04.0670 2240  Actual detected object count: 9
16:23:34.0731 2240  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0731 2240  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0735 2240  FSCLBaseUpdaterService ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0735 2240  FSCLBaseUpdaterService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0738 2240  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0738 2240  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0741 2240  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0741 2240  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0744 2240  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0744 2240  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0747 2240  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0747 2240  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0751 2240  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0751 2240  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0754 2240  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0754 2240  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:23:34.0755 2240  TestHandler ( UnsignedFile.Multi.Generic ) - skipped by user
16:23:34.0755 2240  TestHandler ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 25.09.2012, 10:54   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
--> Avast blockiert URL bei Google Chrome

Alt 25.09.2012, 12:26   #22
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Combofix Logfile:
Code:
ATTFilter
ComboFix 12-09-24.03 - Possehl 25.09.2012  13:08:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.2046.1107 [GMT 2:00]
ausgeführt von:: c:\users\Possehl\Downloads\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\program files\Incredibar.com
c:\program files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarApp.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarEng.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarsrv.exe
c:\program files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll
c:\program files\Incredibar.com\incredibar\1.5.3.27\uninstall.exe
c:\programdata\100
c:\programdata\ntuser.dat
c:\windows\system32\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-25 bis 2012-09-25  ))))))))))))))))))))))))))))))
.
.
2012-09-25 11:17 . 2012-09-25 11:18	--------	d-----w-	c:\users\Possehl\AppData\Local\temp
2012-09-25 11:17 . 2012-09-25 11:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-23 20:47 . 2012-09-23 20:47	--------	d-----w-	C:\_OTL
2012-09-19 22:13 . 2012-09-19 22:13	--------	d-----w-	c:\program files\ESET
2012-09-17 23:18 . 2012-09-17 23:18	73696	----a-w-	c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-09-17 21:28 . 2012-09-17 21:28	--------	d-----w-	c:\users\Possehl\AppData\Roaming\Malwarebytes
2012-09-17 21:28 . 2012-09-17 21:28	--------	d-----w-	c:\programdata\Malwarebytes
2012-09-17 21:28 . 2012-09-07 15:04	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-09-17 21:28 . 2012-09-17 21:28	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-09-17 18:34 . 2012-09-17 18:34	--------	d-----w-	c:\programdata\McAfee Security Scan
2012-09-17 18:33 . 2012-09-17 19:13	--------	d-----w-	c:\program files\McAfee Security Scan
2012-08-31 14:21 . 2012-08-31 14:21	--------	d-----w-	c:\program files\Common Files\Java
2012-08-31 14:21 . 2012-08-31 14:19	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-08-31 14:20 . 2012-08-31 14:20	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-17 18:33 . 2012-04-30 10:32	696520	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-17 18:33 . 2011-08-02 14:29	73416	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-31 14:19 . 2010-10-06 17:39	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-21 09:13 . 2011-05-17 13:41	729752	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2010-08-02 12:07	355632	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2010-08-02 12:07	54232	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2010-08-02 12:07	35928	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2010-08-02 12:07	58680	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2010-08-02 12:07	21256	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2010-08-02 12:07	41224	----a-w-	c:\windows\avastSS.scr
2012-08-21 09:12 . 2010-08-02 12:07	227648	----a-w-	c:\windows\system32\aswBoot.exe
2012-09-17 23:18 . 2011-09-27 18:40	266720	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12	121528	----a-w-	c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-08-26 138096]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 4431872]
"NBAgent"="c:\program files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-06-08 1086760]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"fsc-reg"=c:\programdata\fsc-reg\fscreg.exe 20101230
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"Skype"="c:\program files\Skype\\Phone\Skype.exe" /nosplash /minimized
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"Google Update"="c:\users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"recinfo409"=c:\recinfo\RecInfo.exe
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 18:33]
.
2012-09-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job
- c:\users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-29 15:31]
.
2012-09-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job
- c:\users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-29 15:31]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 12:07]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 12:07]
.
2012-09-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job
- c:\users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 14:59]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job
- c:\users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17 14:59]
.
2012-09-25 c:\windows\Tasks\User_Feed_Synchronization-{07D65CD1-F8C0-49BB-8F7A-9619CFE32AEA}.job
- c:\windows\system32\msfeedssync.exe [2010-08-14 04:56]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to Mp3 Converter - c:\users\Possehl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0D890DC5-25F4-4637-9D85-AD800ECA6428}: NameServer = 192.168.200.126,212.49.70.22
FF - ProfilePath - c:\users\Possehl\AppData\Roaming\Mozilla\Firefox\Profiles\hr5jdbu4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-vShare.tv plugin - c:\program files\vShare.tv plugin\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-25 13:17
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Zeit der Fertigstellung: 2012-09-25  13:23:29
ComboFix-quarantined-files.txt  2012-09-25 11:23
.
Vor Suchlauf: 8.384.245.760 Bytes frei
Nach Suchlauf: 8.211.611.648 Bytes frei
.
- - End Of File - - 9E36CDEE7E92BF22493F2AA33914A1DA
         
--- --- ---

Alt 25.09.2012, 14:42   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.09.2012, 23:25   #24
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



GMER logfile

Code:
ATTFilter
 GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-26 00:10:54
Windows 6.0.6000  Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD25 rev.01.0
Running: 7fvpumgp.exe; Driver: C:\Users\Possehl\AppData\Local\Temp\uftdyfoc.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwAddBootEntry [0x8D961708]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwAllocateVirtualMemory [0x8DC347C8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwAssignProcessToJobObject [0x8D96211C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateEvent [0x8D96CF28]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateEventPair [0x8D96CF74]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateIoCompletion [0x8D96D0F6]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateMutant [0x8D96CE96]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwCreateSection [0x8DC34BBA]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateSemaphore [0x8D96CEDE]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateThread [0x8D962310]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateTimer [0x8D96D0B0]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwDebugActiveProcess [0x8D962A9C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwDeleteBootEntry [0x8D961756]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwDuplicateObject [0x8DC3F808]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwFreeVirtualMemory [0x8DC348AC]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwLoadDriver [0x8D9613BE]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwModifyBootEntry [0x8D9617A4]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwNotifyChangeKey [0x8D966456]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwNotifyChangeMultipleKeys [0x8D963464]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenEvent [0x8D96CF52]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenEventPair [0x8D96CF96]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenIoCompletion [0x8D96D11A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenMutant [0x8D96CEBC]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwOpenProcess [0x8DC3F70C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenSection [0x8D96D03A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenSemaphore [0x8D96CF06]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwOpenThread [0x8DC3F78A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwOpenTimer [0x8D96D0D4]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwProtectVirtualMemory [0x8DC34A2C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwQueryObject [0x8D963330]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwQueueApcThread [0x8D962EDA]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSetBootEntryOrder [0x8D9617F2]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSetBootOptions [0x8D961840]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSetContextThread [0x8D96291C]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSetSystemInformation [0x8D961448]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSetSystemPowerState [0x8D9615F8]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwShutdownSystem [0x8D96159E]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSuspendProcess [0x8D962BFE]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSuspendThread [0x8D962D5A]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwSystemDebugControl [0x8D961668]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwTerminateProcess [0x8DC34AF6]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwTerminateThread [0x8D962794]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwVdmControl [0x8D96188E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwWriteVirtualMemory [0x8DC34962]
SSDT            \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)                                                          ZwCreateThreadEx [0x8D962498]

Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ZwCreateProcessEx [0x8DC4C966]
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ObInsertObject
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                          ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 734                                                                                                            824811B8 12 Bytes  [F2, 17, 96, 8D, 40, 18, 96, ...]
.text           ntkrnlpa.exe!ZwCallbackReturn + 7E0                                                                                                            82481264 12 Bytes  [FE, 2B, 96, 8D, 5A, 2D, 96, ...]
PAGE            ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110                                                                                                    825BFD69 4 Bytes  CALL 8D963B07 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121                                                                                                   825C77DC 4 Bytes  CALL 8D963B1D \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE            ntkrnlpa.exe!ObMakeTemporaryObject                                                                                                             825F2D4B 5 Bytes  JMP 8DC49806 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ObInsertObject                                                                                                                    825F8882 5 Bytes  JMP 8DC4B320 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ZwCreateProcessEx                                                                                                                 8261381D 7 Bytes  JMP 8DC4C96A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text           win32k.sys!EngMultiByteToUnicodeN + 2B73                                                                                                       95A210FF 1 Byte  [E9]
.text           win32k.sys!EngMultiByteToUnicodeN + 2B73                                                                                                       95A210FF 5 Bytes  JMP 8D966F20 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngGetRgnData + C9D                                                                                                                 95A24F75 5 Bytes  JMP 8D966DDA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngSetRectRgn + 3DB                                                                                                                 95A25536 5 Bytes  JMP 8D966C00 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngTransparentBlt + 4E6                                                                                                             95A52E56 5 Bytes  JMP 8D967D3E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngTransparentBlt + 37CC                                                                                                            95A5613C 5 Bytes  JMP 8D966592 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!XFORMOBJ_iGetXform + 323E                                                                                                           95A5BADD 5 Bytes  JMP 8D966FB2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!XFORMOBJ_iGetXform + 33D0                                                                                                           95A5BC6F 5 Bytes  JMP 8D9670A4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBltROP + 273B                                                                                                             95A5EA94 5 Bytes  JMP 8D966866 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBltROP + A684                                                                                                             95A669DD 5 Bytes  JMP 8D9679A8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBltROP + 11666                                                                                                            95A6D9BF 5 Bytes  JMP 8D96648C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBltROP + 118A7                                                                                                            95A6DC00 5 Bytes  JMP 8D966B40 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBltROP + 1197A                                                                                                            95A6DCD3 5 Bytes  JMP 8D966E06 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           ...                                                                                                                                            
.text           win32k.sys!EngMapFontFileFD + F726                                                                                                             95A80E8E 5 Bytes  JMP 8D9666E6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngPaint + 3291                                                                                                                     95A865F3 5 Bytes  JMP 8D967BD8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngPaint + 69B2                                                                                                                     95A89D14 5 Bytes  JMP 8D966756 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngEraseSurface + 5C5                                                                                                               95A8D88B 5 Bytes  JMP 8D96708C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!XLATEOBJ_iXlate + 44F5                                                                                                              95AAD01C 5 Bytes  JMP 8D9665AA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngLpkInstalled + FD1                                                                                                               95AC5B69 5 Bytes  JMP 8D96795E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBlt + 3BF8                                                                                                                95AD2D59 5 Bytes  JMP 8D967DE0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStretchBlt + 5E54                                                                                                                95AD4FB5 5 Bytes  JMP 8D966FCA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!PATHOBJ_bEnum + AA                                                                                                                  95AD57BE 5 Bytes  JMP 8D967B20 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngStrokePath + CE82                                                                                                                95AE2DC9 5 Bytes  JMP 8D967918 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngCopyBits + 1DC3                                                                                                                  95AE9FE1 5 Bytes  JMP 8D967A6E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngFindImageProcAddress + 1A09                                                                                                      95AF585B 5 Bytes  JMP 8D966A6A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngDeleteClip + 5A16                                                                                                                95B0B735 5 Bytes  JMP 8D966812 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!PATHOBJ_bPolyBezierTo + 62D                                                                                                         95B13A3F 5 Bytes  JMP 8D96693E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngFillPath + 1661                                                                                                                  95B2959C 5 Bytes  JMP 8D966FE2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngDeleteSemaphore + 3868                                                                                                           95B313B1 5 Bytes  JMP 8D966682 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngDeleteSemaphore + 658D                                                                                                           95B340D6 5 Bytes  JMP 8D9669D4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text           win32k.sys!EngPlgBlt + 1A89                                                                                                                    95B6F6AA 5 Bytes  JMP 8D967C96 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe[12] KERNEL32.dll!GetBinaryTypeW + 70  76E8714D 1 Byte  [62]
.text           C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[288] kernel32.dll!GetBinaryTypeW + 70                   76E8714D 1 Byte  [62]
.text           C:\Program Files\Bonjour\mDNSResponder.exe[408] kernel32.dll!GetBinaryTypeW + 70                                                               76E8714D 1 Byte  [62]
.text           C:\Windows\system32\csrss.exe[580] KERNEL32.dll!GetBinaryTypeW + 70                                                                            76E8714D 1 Byte  [62]
.text           C:\Windows\system32\wininit.exe[636] kernel32.dll!GetBinaryTypeW + 70                                                                          76E8714D 1 Byte  [62]
.text           ...                                                                                                                                            
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ntdll.dll!LdrLoadDll                                                        775CEB00 5 Bytes  JMP 001501F8 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ntdll.dll!LdrUnloadDll                                                      775DBF0A 5 Bytes  JMP 001503FC 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] kernel32.dll!GetBinaryTypeW + 70                                            76E8714D 1 Byte  [62]
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!UnhookWindowsHookEx                                              77507CE7 5 Bytes  JMP 00170A08 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!SetWindowsHookExA                                                7750891A 5 Bytes  JMP 00170600 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!SetWindowsHookExW                                                7750913D 5 Bytes  JMP 00170804 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!UnhookWinEvent                                                   77512C03 5 Bytes  JMP 001703FC 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] USER32.dll!SetWinEventHook                                                  77519BFD 5 Bytes  JMP 001701F8 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!CreateServiceW                                                 77768686 5 Bytes  JMP 001803FC 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!DeleteService                                                  77768788 5 Bytes  JMP 00180600 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfigW                                           7776A26A 5 Bytes  JMP 00180A08 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!SetServiceObjectSecurity                                       777A3791 5 Bytes  JMP 00181014 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfigA                                           777A3891 5 Bytes  JMP 00180804 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfig2A                                          777A3A39 5 Bytes  JMP 00180C0C 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!ChangeServiceConfig2W                                          777A3B81 5 Bytes  JMP 00180E10 
.text           C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe[964] ADVAPI32.dll!CreateServiceA                                                 777A3C41 5 Bytes  JMP 001801F8 
.text           C:\Windows\system32\svchost.exe[968] kernel32.dll!GetBinaryTypeW + 70                                                                          76E8714D 1 Byte  [62]
.text           C:\Windows\system32\Ati2evxx.exe[1004] kernel32.dll!GetBinaryTypeW + 70                                                                        76E8714D 1 Byte  [62]
.text           C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\System32\svchost.exe[1076] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[1092] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           ...                                                                                                                                            
.text           C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1556] kernel32.dll!SetUnhandledExceptionFilter                                             76E8D177 4 Bytes  [C2, 04, 00, 90] {RET 0x4; NOP }
.text           C:\Windows\ehome\ehtray.exe[1584] ntdll.dll!LdrLoadDll                                                                                         775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\ehome\ehtray.exe[1584] ntdll.dll!LdrUnloadDll                                                                                       775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\ehome\ehtray.exe[1584] kernel32.dll!GetBinaryTypeW + 70                                                                             76E8714D 1 Byte  [62]
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!CreateServiceW                                                                                  77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!DeleteService                                                                                   77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfigW                                                                            7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!SetServiceObjectSecurity                                                                        777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfigA                                                                            777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfig2A                                                                           777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!ChangeServiceConfig2W                                                                           777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\ehome\ehtray.exe[1584] ADVAPI32.dll!CreateServiceA                                                                                  777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\ehome\ehtray.exe[1584] USER32.dll!UnhookWindowsHookEx                                                                               77507CE7 5 Bytes  JMP 00080A08 
.text           C:\Windows\ehome\ehtray.exe[1584] USER32.dll!SetWindowsHookExA                                                                                 7750891A 5 Bytes  JMP 00080600 
.text           C:\Windows\ehome\ehtray.exe[1584] USER32.dll!SetWindowsHookExW                                                                                 7750913D 5 Bytes  JMP 00080804 
.text           C:\Windows\ehome\ehtray.exe[1584] USER32.dll!UnhookWinEvent                                                                                    77512C03 5 Bytes  JMP 000803FC 
.text           C:\Windows\ehome\ehtray.exe[1584] USER32.dll!SetWinEventHook                                                                                   77519BFD 5 Bytes  JMP 000801F8 
.text           C:\Windows\system32\Ati2evxx.exe[1624] kernel32.dll!GetBinaryTypeW + 70                                                                        76E8714D 1 Byte  [62]
.text           C:\Windows\System32\mobsync.exe[1720] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\System32\mobsync.exe[1720] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\System32\mobsync.exe[1720] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\System32\mobsync.exe[1720] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\System32\mobsync.exe[1720] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 000A0A08 
.text           C:\Windows\System32\mobsync.exe[1720] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 000A0600 
.text           C:\Windows\System32\mobsync.exe[1720] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 000A0804 
.text           C:\Windows\System32\mobsync.exe[1720] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 000A03FC 
.text           C:\Windows\System32\mobsync.exe[1720] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 000A01F8 
.text           C:\Windows\System32\spoolsv.exe[1764] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[1788] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe[1988] kernel32.dll!GetBinaryTypeW + 70                            76E8714D 1 Byte  [62]
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe[2056] kernel32.dll!GetBinaryTypeW + 70                                           76E8714D 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[2160] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\svchost.exe[2160] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\svchost.exe[2160] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\system32\svchost.exe[2160] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\svchost.exe[2160] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 002A0A08 
.text           C:\Windows\system32\svchost.exe[2160] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 002A0600 
.text           C:\Windows\system32\svchost.exe[2160] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 002A0804 
.text           C:\Windows\system32\svchost.exe[2160] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 002A03FC 
.text           C:\Windows\system32\svchost.exe[2160] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 002A01F8 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ntdll.dll!LdrLoadDll                                                         775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ntdll.dll!LdrUnloadDll                                                       775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] kernel32.dll!GetBinaryTypeW + 70                                             76E8714D 1 Byte  [62]
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!CreateServiceW                                                  77768686 5 Bytes  JMP 001A03FC 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!DeleteService                                                   77768788 5 Bytes  JMP 001A0600 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfigW                                            7776A26A 5 Bytes  JMP 001A0A08 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!SetServiceObjectSecurity                                        777A3791 5 Bytes  JMP 001A1014 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfigA                                            777A3891 5 Bytes  JMP 001A0804 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfig2A                                           777A3A39 5 Bytes  JMP 001A0C0C 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!ChangeServiceConfig2W                                           777A3B81 5 Bytes  JMP 001A0E10 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] ADVAPI32.dll!CreateServiceA                                                  777A3C41 5 Bytes  JMP 001A01F8 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!UnhookWindowsHookEx                                               77507CE7 5 Bytes  JMP 001B0A08 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!SetWindowsHookExA                                                 7750891A 5 Bytes  JMP 001B0600 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!SetWindowsHookExW                                                 7750913D 5 Bytes  JMP 001B0804 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!UnhookWinEvent                                                    77512C03 5 Bytes  JMP 001B03FC 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2268] USER32.dll!SetWinEventHook                                                   77519BFD 5 Bytes  JMP 001B01F8 
.text           C:\Windows\System32\svchost.exe[2284] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\System32\svchost.exe[2284] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\System32\svchost.exe[2284] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\System32\svchost.exe[2284] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\System32\svchost.exe[2284] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 000C0A08 
.text           C:\Windows\System32\svchost.exe[2284] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 000C0600 
.text           C:\Windows\System32\svchost.exe[2284] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 000C0804 
.text           C:\Windows\System32\svchost.exe[2284] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 000C03FC 
.text           C:\Windows\System32\svchost.exe[2284] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 000C01F8 
.text           C:\Windows\System32\svchost.exe[2316] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\System32\svchost.exe[2316] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\System32\svchost.exe[2316] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\System32\svchost.exe[2316] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\svchost.exe[2328] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000901F8 
.text           C:\Windows\system32\svchost.exe[2328] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000903FC 
.text           C:\Windows\system32\svchost.exe[2328] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000B03FC 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 000B0600 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 000B0A08 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 000B1014 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 000B0804 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 000B0C0C 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 000B0E10 
.text           C:\Windows\system32\svchost.exe[2328] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000B01F8 
.text           C:\Windows\system32\svchost.exe[2328] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 000E0A08 
.text           C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 000E0600 
.text           C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 000E0804 
.text           C:\Windows\system32\svchost.exe[2328] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 000E03FC 
.text           C:\Windows\system32\svchost.exe[2328] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 000E01F8 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ntdll.dll!LdrLoadDll                                                               775CEB00 5 Bytes  JMP 001401F8 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ntdll.dll!LdrUnloadDll                                                             775DBF0A 5 Bytes  JMP 001403FC 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] kernel32.dll!GetBinaryTypeW + 70                                                   76E8714D 1 Byte  [62]
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!UnhookWindowsHookEx                                                     77507CE7 5 Bytes  JMP 00260A08 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!SetWindowsHookExA                                                       7750891A 5 Bytes  JMP 00260600 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!SetWindowsHookExW                                                       7750913D 5 Bytes  JMP 00260804 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!UnhookWinEvent                                                          77512C03 5 Bytes  JMP 002603FC 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] USER32.dll!SetWinEventHook                                                         77519BFD 5 Bytes  JMP 002601F8 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!CreateServiceW                                                        77768686 5 Bytes  JMP 002703FC 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!DeleteService                                                         77768788 5 Bytes  JMP 00270600 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfigW                                                  7776A26A 5 Bytes  JMP 00270A08 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!SetServiceObjectSecurity                                              777A3791 5 Bytes  JMP 00271014 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfigA                                                  777A3891 5 Bytes  JMP 00270804 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfig2A                                                 777A3A39 5 Bytes  JMP 00270C0C 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!ChangeServiceConfig2W                                                 777A3B81 5 Bytes  JMP 00270E10 
.text           C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2340] ADVAPI32.dll!CreateServiceA                                                        777A3C41 5 Bytes  JMP 002701F8 
.text           C:\Windows\system32\svchost.exe[2612] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\svchost.exe[2612] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\svchost.exe[2612] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\system32\svchost.exe[2612] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\svchost.exe[2612] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 00C00A08 
.text           C:\Windows\system32\svchost.exe[2612] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 00C00600 
.text           C:\Windows\system32\svchost.exe[2612] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 00C00804 
.text           C:\Windows\system32\svchost.exe[2612] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 00C003FC 
.text           C:\Windows\system32\svchost.exe[2612] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 00C001F8 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ntdll.dll!LdrLoadDll                                                         775CEB00 5 Bytes  JMP 001501F8 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ntdll.dll!LdrUnloadDll                                                       775DBF0A 5 Bytes  JMP 001503FC 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] kernel32.dll!GetBinaryTypeW + 70                                             76E8714D 1 Byte  [62]
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!CreateServiceW                                                  77768686 5 Bytes  JMP 001703FC 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!DeleteService                                                   77768788 5 Bytes  JMP 00170600 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfigW                                            7776A26A 5 Bytes  JMP 00170A08 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!SetServiceObjectSecurity                                        777A3791 5 Bytes  JMP 00171014 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfigA                                            777A3891 5 Bytes  JMP 00170804 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfig2A                                           777A3A39 5 Bytes  JMP 00170C0C 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!ChangeServiceConfig2W                                           777A3B81 5 Bytes  JMP 00170E10 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] ADVAPI32.dll!CreateServiceA                                                  777A3C41 5 Bytes  JMP 001701F8 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!UnhookWindowsHookEx                                               77507CE7 5 Bytes  JMP 00180A08 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!SetWindowsHookExA                                                 7750891A 5 Bytes  JMP 00180600 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!SetWindowsHookExW                                                 7750913D 5 Bytes  JMP 00180804 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!UnhookWinEvent                                                    77512C03 5 Bytes  JMP 001803FC 
.text           C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe[2700] USER32.dll!SetWinEventHook                                                   77519BFD 5 Bytes  JMP 001801F8 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ntdll.dll!LdrLoadDll                                                          775CEB00 5 Bytes  JMP 001501F8 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ntdll.dll!LdrUnloadDll                                                        775DBF0A 5 Bytes  JMP 001503FC 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] kernel32.dll!GetBinaryTypeW + 70                                              76E8714D 1 Byte  [62]
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!UnhookWindowsHookEx                                                77507CE7 5 Bytes  JMP 00170A08 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!SetWindowsHookExA                                                  7750891A 5 Bytes  JMP 00170600 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!SetWindowsHookExW                                                  7750913D 5 Bytes  JMP 00170804 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!UnhookWinEvent                                                     77512C03 5 Bytes  JMP 001703FC 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] USER32.dll!SetWinEventHook                                                    77519BFD 5 Bytes  JMP 001701F8 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!CreateServiceW                                                   77768686 5 Bytes  JMP 001803FC 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!DeleteService                                                    77768788 5 Bytes  JMP 00180600 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfigW                                             7776A26A 5 Bytes  JMP 00180A08 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!SetServiceObjectSecurity                                         777A3791 5 Bytes  JMP 00181014 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfigA                                             777A3891 5 Bytes  JMP 00180804 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfig2A                                            777A3A39 5 Bytes  JMP 00180C0C 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!ChangeServiceConfig2W                                            777A3B81 5 Bytes  JMP 00180E10 
.text           C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe[2768] ADVAPI32.dll!CreateServiceA                                                   777A3C41 5 Bytes  JMP 001801F8 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ntdll.dll!LdrLoadDll                                                 775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ntdll.dll!LdrUnloadDll                                               775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] kernel32.dll!GetBinaryTypeW + 70                                     76E8714D 1 Byte  [62]
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!UnhookWindowsHookEx                                       77507CE7 5 Bytes  JMP 00070A08 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!SetWindowsHookExA                                         7750891A 5 Bytes  JMP 00070600 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!SetWindowsHookExW                                         7750913D 5 Bytes  JMP 00070804 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!UnhookWinEvent                                            77512C03 5 Bytes  JMP 000703FC 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] USER32.dll!SetWinEventHook                                           77519BFD 5 Bytes  JMP 000701F8 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!CreateServiceW                                          77768686 5 Bytes  JMP 000803FC 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!DeleteService                                           77768788 5 Bytes  JMP 00080600 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfigW                                    7776A26A 5 Bytes  JMP 00080A08 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!SetServiceObjectSecurity                                777A3791 5 Bytes  JMP 00081014 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfigA                                    777A3891 5 Bytes  JMP 00080804 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfig2A                                   777A3A39 5 Bytes  JMP 00080C0C 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!ChangeServiceConfig2W                                   777A3B81 5 Bytes  JMP 00080E10 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[2800] ADVAPI32.dll!CreateServiceA                                          777A3C41 5 Bytes  JMP 000801F8 
.text           C:\Windows\System32\svchost.exe[2844] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\System32\svchost.exe[2844] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\System32\svchost.exe[2844] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000B03FC 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 000B0600 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 000B0A08 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 000B1014 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 000B0804 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 000B0C0C 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 000B0E10 
.text           C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000B01F8 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ntdll.dll!LdrLoadDll                                                                               775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ntdll.dll!LdrUnloadDll                                                                             775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\SearchIndexer.exe[2864] kernel32.dll!GetBinaryTypeW + 70                                                                   76E8714D 1 Byte  [62]
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!CreateServiceW                                                                        77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!DeleteService                                                                         77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfigW                                                                  7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!SetServiceObjectSecurity                                                              777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfigA                                                                  777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfig2A                                                                 777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!ChangeServiceConfig2W                                                                 777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\system32\SearchIndexer.exe[2864] ADVAPI32.dll!CreateServiceA                                                                        777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!UnhookWindowsHookEx                                                                     77507CE7 5 Bytes  JMP 00080A08 
.text           C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!SetWindowsHookExA                                                                       7750891A 5 Bytes  JMP 00080600 
.text           C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!SetWindowsHookExW                                                                       7750913D 5 Bytes  JMP 00080804 
.text           C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!UnhookWinEvent                                                                          77512C03 5 Bytes  JMP 000803FC 
.text           C:\Windows\system32\SearchIndexer.exe[2864] USER32.dll!SetWinEventHook                                                                         77519BFD 5 Bytes  JMP 000801F8 
.text           C:\Windows\system32\taskeng.exe[2972] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\taskeng.exe[2972] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\taskeng.exe[2972] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\system32\taskeng.exe[2972] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\taskeng.exe[2972] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 00080A08 
.text           C:\Windows\system32\taskeng.exe[2972] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 00080600 
.text           C:\Windows\system32\taskeng.exe[2972] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 00080804 
.text           C:\Windows\system32\taskeng.exe[2972] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 000803FC 
.text           C:\Windows\system32\taskeng.exe[2972] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 000801F8 
.text           C:\Windows\system32\Dwm.exe[2976] ntdll.dll!LdrLoadDll                                                                                         775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\Dwm.exe[2976] ntdll.dll!LdrUnloadDll                                                                                       775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\Dwm.exe[2976] kernel32.dll!GetBinaryTypeW + 70                                                                             76E8714D 1 Byte  [62]
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!CreateServiceW                                                                                  77768686 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!DeleteService                                                                                   77768788 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfigW                                                                            7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!SetServiceObjectSecurity                                                                        777A3791 5 Bytes  JMP 00071014 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfigA                                                                            777A3891 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfig2A                                                                           777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!ChangeServiceConfig2W                                                                           777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Windows\system32\Dwm.exe[2976] ADVAPI32.dll!CreateServiceA                                                                                  777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\Dwm.exe[2976] USER32.dll!UnhookWindowsHookEx                                                                               77507CE7 5 Bytes  JMP 00080A08 
.text           C:\Windows\system32\Dwm.exe[2976] USER32.dll!SetWindowsHookExA                                                                                 7750891A 5 Bytes  JMP 00080600 
.text           C:\Windows\system32\Dwm.exe[2976] USER32.dll!SetWindowsHookExW                                                                                 7750913D 5 Bytes  JMP 00080804 
.text           C:\Windows\system32\Dwm.exe[2976] USER32.dll!UnhookWinEvent                                                                                    77512C03 5 Bytes  JMP 000803FC 
.text           C:\Windows\system32\Dwm.exe[2976] USER32.dll!SetWinEventHook                                                                                   77519BFD 5 Bytes  JMP 000801F8 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ntdll.dll!LdrLoadDll                                                                    775CEB00 5 Bytes  JMP 001601F8 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ntdll.dll!LdrUnloadDll                                                                  775DBF0A 5 Bytes  JMP 001603FC 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] kernel32.dll!GetBinaryTypeW + 70                                                        76E8714D 1 Byte  [62]
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!UnhookWindowsHookEx                                                          77507CE7 5 Bytes  JMP 00170A08 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!SetWindowsHookExA                                                            7750891A 5 Bytes  JMP 00170600 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!SetWindowsHookExW                                                            7750913D 5 Bytes  JMP 00170804 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!UnhookWinEvent                                                               77512C03 5 Bytes  JMP 001703FC 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] USER32.dll!SetWinEventHook                                                              77519BFD 5 Bytes  JMP 001701F8 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!CreateServiceW                                                             77768686 5 Bytes  JMP 001803FC 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!DeleteService                                                              77768788 5 Bytes  JMP 00180600 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfigW                                                       7776A26A 5 Bytes  JMP 00180A08 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!SetServiceObjectSecurity                                                   777A3791 5 Bytes  JMP 00181014 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfigA                                                       777A3891 5 Bytes  JMP 00180804 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfig2A                                                      777A3A39 5 Bytes  JMP 00180C0C 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!ChangeServiceConfig2W                                                      777A3B81 5 Bytes  JMP 00180E10 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[2984] ADVAPI32.dll!CreateServiceA                                                             777A3C41 5 Bytes  JMP 001801F8 
.text           C:\Windows\Explorer.EXE[2988] ntdll.dll!LdrLoadDll                                                                                             775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\Explorer.EXE[2988] ntdll.dll!LdrUnloadDll                                                                                           775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\Explorer.EXE[2988] kernel32.dll!GetBinaryTypeW + 70                                                                                 76E8714D 1 Byte  [62]
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!CreateServiceW                                                                                      77768686 5 Bytes  JMP 000B03FC 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!DeleteService                                                                                       77768788 5 Bytes  JMP 000B0600 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfigW                                                                                7776A26A 5 Bytes  JMP 000B0A08 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!SetServiceObjectSecurity                                                                            777A3791 5 Bytes  JMP 000B1014 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfigA                                                                                777A3891 5 Bytes  JMP 000B0804 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfig2A                                                                               777A3A39 5 Bytes  JMP 000B0C0C 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!ChangeServiceConfig2W                                                                               777A3B81 5 Bytes  JMP 000B0E10 
.text           C:\Windows\Explorer.EXE[2988] ADVAPI32.dll!CreateServiceA                                                                                      777A3C41 5 Bytes  JMP 000B01F8 
.text           C:\Windows\Explorer.EXE[2988] USER32.dll!UnhookWindowsHookEx                                                                                   77507CE7 5 Bytes  JMP 000C0A08 
.text           C:\Windows\Explorer.EXE[2988] USER32.dll!SetWindowsHookExA                                                                                     7750891A 5 Bytes  JMP 000C0600 
.text           C:\Windows\Explorer.EXE[2988] USER32.dll!SetWindowsHookExW                                                                                     7750913D 5 Bytes  JMP 000C0804 
.text           C:\Windows\Explorer.EXE[2988] USER32.dll!UnhookWinEvent                                                                                        77512C03 5 Bytes  JMP 000C03FC 
.text           C:\Windows\Explorer.EXE[2988] USER32.dll!SetWinEventHook                                                                                       77519BFD 5 Bytes  JMP 000C01F8 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ntdll.dll!LdrLoadDll                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ntdll.dll!LdrUnloadDll                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] kernel32.dll!GetBinaryTypeW + 70                                         76E8714D 1 Byte  [62]
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!UnhookWindowsHookEx                                           77507CE7 5 Bytes  JMP 00070A08 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!SetWindowsHookExA                                             7750891A 5 Bytes  JMP 00070600 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!SetWindowsHookExW                                             7750913D 5 Bytes  JMP 00070804 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!UnhookWinEvent                                                77512C03 5 Bytes  JMP 000703FC 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] USER32.dll!SetWinEventHook                                               77519BFD 5 Bytes  JMP 000701F8 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!CreateServiceW                                              77768686 5 Bytes  JMP 000803FC 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!DeleteService                                               77768788 5 Bytes  JMP 00080600 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfigW                                        7776A26A 5 Bytes  JMP 00080A08 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!SetServiceObjectSecurity                                    777A3791 5 Bytes  JMP 00081014 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfigA                                        777A3891 5 Bytes  JMP 00080804 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfig2A                                       777A3A39 5 Bytes  JMP 00080C0C 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!ChangeServiceConfig2W                                       777A3B81 5 Bytes  JMP 00080E10 
.text           C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[3028] ADVAPI32.dll!CreateServiceA                                              777A3C41 5 Bytes  JMP 000801F8 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ntdll.dll!LdrLoadDll                                                             775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ntdll.dll!LdrUnloadDll                                                           775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] kernel32.dll!GetBinaryTypeW + 70                                                 76E8714D 1 Byte  [62]
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!CreateServiceW                                                      77768686 5 Bytes  JMP 000903FC 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!DeleteService                                                       77768788 5 Bytes  JMP 00090600 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfigW                                                7776A26A 5 Bytes  JMP 00090A08 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!SetServiceObjectSecurity                                            777A3791 5 Bytes  JMP 00091014 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfigA                                                777A3891 5 Bytes  JMP 00090804 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfig2A                                               777A3A39 5 Bytes  JMP 00090C0C 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!ChangeServiceConfig2W                                               777A3B81 5 Bytes  JMP 00090E10 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] ADVAPI32.dll!CreateServiceA                                                      777A3C41 5 Bytes  JMP 000901F8 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!UnhookWindowsHookEx                                                   77507CE7 5 Bytes  JMP 00A30A08 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!SetWindowsHookExA                                                     7750891A 5 Bytes  JMP 00A30600 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!SetWindowsHookExW                                                     7750913D 5 Bytes  JMP 00A30804 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!UnhookWinEvent                                                        77512C03 5 Bytes  JMP 00A303FC 
.text           C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[3084] USER32.dll!SetWinEventHook                                                       77519BFD 5 Bytes  JMP 00A301F8 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!LdrLoadDll                                               775CEB00 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!LdrUnloadDll                                             775DBF0A 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateFile + 6                                         775FF41A 4 Bytes  [28, 00, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateFile + B                                         775FF41F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateKey + 6                                          775FF45A 4 Bytes  [68, 01, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateKey + B                                          775FF45F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateMutant + 6                                       775FF48A 4 Bytes  [28, 02, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateMutant + B                                       775FF48F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateSection + 6                                      775FF50A 4 Bytes  [68, 02, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtCreateSection + B                                      775FF50F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtMapViewOfSection + 6                                   775FFB6A 4 Bytes  [A8, 04, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtMapViewOfSection + B                                   775FFB6F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenFile + 6                                           775FFBFA 4 Bytes  [68, 00, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenFile + B                                           775FFBFF 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenKey + 6                                            775FFC2A 4 Bytes  [A8, 01, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenKey + B                                            775FFC2F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenMutant + 6                                         775FFC4A 4 Bytes  CALL 76600250 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenMutant + B                                         775FFC4F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcess + 6                                        775FFC7A 1 Byte  [28]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcess + 6                                        775FFC7A 4 Bytes  [28, 03, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcess + B                                        775FFC7F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessToken + 6                                   775FFC8A 1 Byte  [68]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessToken + 6                                   775FFC8A 4 Bytes  [68, 03, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessToken + B                                   775FFC8F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessTokenEx + 6                                 775FFC9A 4 Bytes  [28, 04, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenProcessTokenEx + B                                 775FFC9F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenSection + 6                                        775FFCAA 4 Bytes  [A8, 02, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenSection + B                                        775FFCAF 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThread + 6                                         775FFCEA 4 Bytes  CALL 766002F1 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThread + B                                         775FFCEF 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadToken + 6                                    775FFCFA 1 Byte  [E8]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadToken + 6                                    775FFCFA 4 Bytes  CALL 76600302 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadToken + B                                    775FFCFF 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadTokenEx + 6                                  775FFD0A 4 Bytes  [68, 04, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtOpenThreadTokenEx + B                                  775FFD0F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryAttributesFile + 6                                775FFD9A 4 Bytes  [A8, 00, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryAttributesFile + B                                775FFD9F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryFullAttributesFile + 6                            775FFE4A 4 Bytes  CALL 7660044F C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtQueryFullAttributesFile + B                            775FFE4F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationFile + 6                                 7760036A 4 Bytes  [28, 01, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationFile + B                                 7760036F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationThread + 6                               776003BA 1 Byte  [A8]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationThread + 6                               776003BA 4 Bytes  [A8, 03, 06, 00]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtSetInformationThread + B                               776003BF 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtUnmapViewOfSection + 6                                 7760065A 4 Bytes  CALL 76600C63 C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ntdll.dll!NtUnmapViewOfSection + B                                 7760065F 1 Byte  [E2]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!CreateProcessW                                        76E61D27 5 Bytes  JMP 000100B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!CreateProcessA                                        76E61D5C 5 Bytes  JMP 000100F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!OpenEventW                                            76E84CB8 5 Bytes  JMP 00010070 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!GetBinaryTypeW + 70                                   76E8714D 1 Byte  [62]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] kernel32.dll!CreateEventW                                          76E89146 5 Bytes  JMP 00010030 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!DeleteObject                                             76FD5A1F 5 Bytes  JMP 001A01B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetDeviceCaps                                            76FD5EA6 5 Bytes  JMP 001A03B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SelectObject                                             76FD5FC0 5 Bytes  JMP 001A05F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetBkMode                                                76FD6390 5 Bytes  JMP 001A08F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetTextColor                                             76FD64BF 5 Bytes  JMP 001A0A30 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetStretchBltMode                                        76FD6624 5 Bytes  JMP 001A06B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!DeleteDC                                                 76FD69A5 5 Bytes  JMP 001A0170 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StretchDIBits                                            76FD6F0F 5 Bytes  JMP 001A0770 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextMetricsW                                          76FD720B 5 Bytes  JMP 001A0E30 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetCurrentObject                                         76FD7419 5 Bytes  JMP 001A0370 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!RestoreDC                                                76FD74AA 5 Bytes  JMP 001A0530 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SaveDC                                                   76FD7557 5 Bytes  JMP 001A0570 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextAlign                                             76FD7A93 5 Bytes  JMP 001A0D70 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtSelectClipRgn                                         76FD7AE2 5 Bytes  JMP 001A02F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SelectClipRgn                                            76FD7BED 5 Bytes  JMP 001A05B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetTextAlign                                             76FD7E09 5 Bytes  JMP 001A09F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!IntersectClipRect                                        76FD82B4 5 Bytes  JMP 001A03F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetICMMode                                               76FD88BB 5 Bytes  JMP 001A0DB0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtTextOutW                                              76FD89EC 5 Bytes  JMP 001A0970
         

Alt 25.09.2012, 23:26   #25
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Teil2:

Code:
ATTFilter
 .text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!MoveToEx                                                 76FD8E09 5 Bytes  JMP 001A0470 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!Rectangle                                                76FD90CA 5 Bytes  JMP 001A09B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetClipBox                                               76FD989D 5 Bytes  JMP 001A0330 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextFaceW                                             76FDA788 5 Bytes  JMP 001A0D30 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextExtentPoint32W                                    76FDABB5 5 Bytes  JMP 001A0670 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateDCA                                                76FDBCD9 5 Bytes  JMP 001A00B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateDCW                                                76FDBE99 5 Bytes  JMP 001A00F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateICW                                                76FDBEDD 5 Bytes  JMP 001A0130 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetFontData                                              76FDC6E3 5 Bytes  JMP 001A0C70 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetWorldTransform                                        76FDCC0A 5 Bytes  JMP 001A06F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextMetricsA                                          76FDD201 5 Bytes  JMP 001A0DF0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!LineTo                                                   76FE0984 5 Bytes  JMP 001A0430 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtTextOutA                                              76FE10E8 5 Bytes  JMP 001A0930 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextExtentPoint32A                                    76FE11A7 5 Bytes  JMP 001A0630 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ExtEscape                                                76FE544B 5 Bytes  JMP 001A02B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!EndPage                                                  76FE70FC 5 Bytes  JMP 001A0230 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetMiterLimit                                            76FE98D2 5 Bytes  JMP 001A0B70 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!ResetDCW                                                 76FEF929 5 Bytes  JMP 001A0AB0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetTextFaceA                                             76FEFE74 5 Bytes  JMP 001A0CF0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SetPolyFillMode                                          76FEFF50 5 Bytes  JMP 001A0B30 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!GetGlyphOutlineW                                         76FEFFEF 5 Bytes  JMP 001A0CB0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!Escape                                                   76FF0181 5 Bytes  JMP 001A0270 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CreateScalableFontResourceW                              76FFD8CD 5 Bytes  JMP 001A0BB0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!AddFontResourceW                                         76FFDB8E 5 Bytes  JMP 001A0BF0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!RemoveFontResourceW                                      76FFDE3B 5 Bytes  JMP 001A0C30 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!AbortDoc                                                 77002F0C 5 Bytes  JMP 001A0030 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!EndDoc                                                   7700325D 5 Bytes  JMP 001A01F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StartPage                                                77003348 5 Bytes  JMP 001A0730 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StartDocW                                                77003DBB 5 Bytes  JMP 001A07F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!BeginPath                                                77004575 5 Bytes  JMP 001A0830 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!SelectClipPath                                           770045CC 5 Bytes  JMP 001A0AF0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!CloseFigure                                              77004627 5 Bytes  JMP 001A0070 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!EndPath                                                  7700467E 5 Bytes  JMP 001A0A70 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!StrokePath                                               770048B0 5 Bytes  JMP 001A07B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!FillPath                                                 7700493C 5 Bytes  JMP 001A0870 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!PolylineTo                                               77004DA5 5 Bytes  JMP 001A04F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!PolyBezierTo                                             77004E35 5 Bytes  JMP 001A04B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] GDI32.dll!PolyDraw                                                 77004EE6 5 Bytes  JMP 001A08B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetTopWindow                                            77507BC1 7 Bytes  JMP 001B0730 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!UnhookWindowsHookEx                                     77507CE7 5 Bytes  JMP 00320A08 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetWindowsHookExA                                       7750891A 5 Bytes  JMP 00320600 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetWindowsHookExW                                       7750913D 5 Bytes  JMP 00320804 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!CountClipboardFormats                                   7750BEAE 5 Bytes  JMP 001B01F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!RegisterClipboardFormatW                                7750F811 5 Bytes  JMP 001B02B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!UnhookWinEvent                                          77512C03 5 Bytes  JMP 003203FC 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetWinEventHook                                         77519BFD 5 Bytes  JMP 003201F8 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!ActivateKeyboardLayout                                  7751A98F 5 Bytes  JMP 001B04F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!RegisterClipboardFormatA                                7751AE53 5 Bytes  JMP 001B02F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardFormatNameA                                 7751B156 5 Bytes  JMP 001B0270 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClientRect                                           7751B326 7 Bytes  JMP 001B05B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!MonitorFromWindow                                       7751B488 7 Bytes  JMP 001B0630 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!ScreenToClient                                          7751C168 7 Bytes  JMP 001B0670 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetParent                                               77522E21 7 Bytes  JMP 001B06F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!IsWindowVisible                                         775233B9 7 Bytes  JMP 001B06B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!MapWindowPoints                                         77523440 5 Bytes  JMP 001B0570 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetCursor                                               7752379D 5 Bytes  JMP 001B0530 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!PostMessageW                                            775238A5 5 Bytes  JMP 001B05F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetCursorPos                                            77524E53 5 Bytes  JMP 001B0770 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardViewer                                      77524EC8 5 Bytes  JMP 001B0470 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardData                                        77525812 5 Bytes  JMP 001B0030 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!EmptyClipboard                                          7752592E 5 Bytes  JMP 001B0130 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!EnumClipboardFormats                                    77525940 5 Bytes  JMP 001B01B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetClipboardViewer                                      77531C5F 5 Bytes  JMP 001B04B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetOpenClipboardWindow                                  77531C7A 5 Bytes  JMP 001B03F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!ChangeClipboardChain                                    7753BA32 5 Bytes  JMP 001B0430 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!CloseClipboard                                          7753C9AD 5 Bytes  JMP 001B00B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!OpenClipboard                                           7753C9BF 5 Bytes  JMP 001B0070 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!IsClipboardFormatAvailable                              7753CA40 5 Bytes  JMP 001B00F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardSequenceNumber                              7753CA54 5 Bytes  JMP 001B0330 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardOwner                                       7753CA86 5 Bytes  JMP 001B0370 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!SetClipboardData                                        7755111B 5 Bytes  JMP 001B0170 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetClipboardFormatNameW                                 775546BF 5 Bytes  JMP 001B0230 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] USER32.dll!GetPriorityClipboardFormat                              77565537 5 Bytes  JMP 001B03B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!CreateServiceW                                        77768686 5 Bytes  JMP 003403FC 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!DeleteService                                         77768788 5 Bytes  JMP 00340600 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfigW                                  7776A26A 5 Bytes  JMP 00340A08 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!SetServiceObjectSecurity                              777A3791 5 Bytes  JMP 00341014 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfigA                                  777A3891 5 Bytes  JMP 00340804 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfig2A                                 777A3A39 5 Bytes  JMP 00340C0C 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!ChangeServiceConfig2W                                 777A3B81 5 Bytes  JMP 00340E10 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ADVAPI32.dll!CreateServiceA                                        777A3C41 5 Bytes  JMP 003401F8 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ole32.dll!OleGetClipboard                                          7742BDDE 5 Bytes  JMP 001C00B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ole32.dll!OleSetClipboard                                          77451060 5 Bytes  JMP 001C0030 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] ole32.dll!OleIsCurrentClipboard                                    7745B1A5 5 Bytes  JMP 001C0070 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!FreeContextBuffer                                      75B2243F 5 Bytes  JMP 001E00F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!DeleteSecurityContext                                  75B225C7 5 Bytes  JMP 001E0270 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!FreeCredentialsHandle                                  75B22AD9 5 Bytes  JMP 001E0130 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!QueryContextAttributesA                                75B261FF 5 Bytes  JMP 001E0070 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!InitializeSecurityContextA                             75B26282 5 Bytes  JMP 001E0170 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!AcquireCredentialsHandleA                              75B263CE 5 Bytes  JMP 001E0030 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!EncryptMessage                                         75B28A63 5 Bytes  JMP 001E01F0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!DecryptMessage                                         75B28B31 5 Bytes  JMP 001E0230 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!ApplyControlToken                                      75B2DE58 5 Bytes  JMP 001E01B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] Secur32.dll!QueryCredentialsAttributesA                            75B2DFD3 5 Bytes  JMP 001E00B0 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ntdll.dll!LdrLoadDll                                               775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ntdll.dll!LdrUnloadDll                                             775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] kernel32.dll!GetBinaryTypeW + 70                                   76E8714D 1 Byte  [62]
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!UnhookWindowsHookEx                                     77507CE7 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!SetWindowsHookExA                                       7750891A 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!SetWindowsHookExW                                       7750913D 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!UnhookWinEvent                                          77512C03 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] USER32.dll!SetWinEventHook                                         77519BFD 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!CreateServiceW                                        77768686 5 Bytes  JMP 000803FC 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!DeleteService                                         77768788 5 Bytes  JMP 00080600 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfigW                                  7776A26A 5 Bytes  JMP 00080A08 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!SetServiceObjectSecurity                              777A3791 5 Bytes  JMP 00081014 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfigA                                  777A3891 5 Bytes  JMP 00080804 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfig2A                                 777A3A39 5 Bytes  JMP 00080C0C 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!ChangeServiceConfig2W                                 777A3B81 5 Bytes  JMP 00080E10 
.text           C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3300] ADVAPI32.dll!CreateServiceA                                        777A3C41 5 Bytes  JMP 000801F8 
.text           C:\Windows\system32\taskeng.exe[3324] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Windows\system32\taskeng.exe[3324] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Windows\system32\taskeng.exe[3324] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000B03FC 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 000B0600 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 000B0A08 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 000B1014 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 000B0804 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 000B0C0C 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 000B0E10 
.text           C:\Windows\system32\taskeng.exe[3324] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000B01F8 
.text           C:\Windows\system32\taskeng.exe[3324] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 000C0A08 
.text           C:\Windows\system32\taskeng.exe[3324] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 000C0600 
.text           C:\Windows\system32\taskeng.exe[3324] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 000C0804 
.text           C:\Windows\system32\taskeng.exe[3324] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 000C03FC 
.text           C:\Windows\system32\taskeng.exe[3324] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 000C01F8 
.text           C:\Windows\ehome\ehmsas.exe[3380] ntdll.dll!LdrLoadDll                                                                                         775CEB00 5 Bytes  JMP 000401F8 
.text           C:\Windows\ehome\ehmsas.exe[3380] ntdll.dll!LdrUnloadDll                                                                                       775DBF0A 5 Bytes  JMP 000403FC 
.text           C:\Windows\ehome\ehmsas.exe[3380] kernel32.dll!GetBinaryTypeW + 70                                                                             76E8714D 1 Byte  [62]
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!CreateServiceW                                                                                  77768686 5 Bytes  JMP 000603FC 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!DeleteService                                                                                   77768788 5 Bytes  JMP 00060600 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfigW                                                                            7776A26A 5 Bytes  JMP 00060A08 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!SetServiceObjectSecurity                                                                        777A3791 5 Bytes  JMP 00061014 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfigA                                                                            777A3891 5 Bytes  JMP 00060804 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfig2A                                                                           777A3A39 5 Bytes  JMP 00060C0C 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!ChangeServiceConfig2W                                                                           777A3B81 5 Bytes  JMP 00060E10 
.text           C:\Windows\ehome\ehmsas.exe[3380] ADVAPI32.dll!CreateServiceA                                                                                  777A3C41 5 Bytes  JMP 000601F8 
.text           C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!UnhookWindowsHookEx                                                                               77507CE7 5 Bytes  JMP 00070A08 
.text           C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!SetWindowsHookExA                                                                                 7750891A 5 Bytes  JMP 00070600 
.text           C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!SetWindowsHookExW                                                                                 7750913D 5 Bytes  JMP 00070804 
.text           C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!UnhookWinEvent                                                                                    77512C03 5 Bytes  JMP 000703FC 
.text           C:\Windows\ehome\ehmsas.exe[3380] USER32.dll!SetWinEventHook                                                                                   77519BFD 5 Bytes  JMP 000701F8 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ntdll.dll!LdrLoadDll                                                               775CEB00 5 Bytes  JMP 000501F8 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ntdll.dll!LdrUnloadDll                                                             775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] kernel32.dll!GetBinaryTypeW + 70                                                   76E8714D 1 Byte  [62]
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!CreateServiceW                                                        77768686 5 Bytes  JMP 000703FC 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!DeleteService                                                         77768788 5 Bytes  JMP 00070600 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfigW                                                  7776A26A 5 Bytes  JMP 00070A08 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!SetServiceObjectSecurity                                              777A3791 5 Bytes  JMP 00071014 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfigA                                                  777A3891 5 Bytes  JMP 00070804 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfig2A                                                 777A3A39 5 Bytes  JMP 00070C0C 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!ChangeServiceConfig2W                                                 777A3B81 5 Bytes  JMP 00070E10 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] ADVAPI32.dll!CreateServiceA                                                        777A3C41 5 Bytes  JMP 000701F8 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!UnhookWindowsHookEx                                                     77507CE7 5 Bytes  JMP 00080A08 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetWindowsHookExA                                                       7750891A 5 Bytes  JMP 00080600 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetWindowsHookExW                                                       7750913D 5 Bytes  JMP 00080804 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!PaintMonitor + 94                                                       7750B20C 7 Bytes  JMP 6784DF63 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!GetWindowInfo                                                           7751006A 5 Bytes  JMP 67694536 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!UnhookWinEvent                                                          77512C03 5 Bytes  JMP 000803FC 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetWinEventHook                                                         77519BFD 5 Bytes  JMP 000801F8 
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!DefWindowProcW + 6B5                                                    775223D5 7 Bytes  JMP 6784DEF2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[3404] USER32.dll!SetMenuItemBitmaps + 3E                                                 7752CF6B 7 Bytes  JMP 67694B35 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ntdll.dll!LdrLoadDll                                                   775CEB00 5 Bytes  JMP 001601F8 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ntdll.dll!LdrUnloadDll                                                 775DBF0A 5 Bytes  JMP 001603FC 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] kernel32.dll!GetBinaryTypeW + 70                                       76E8714D 1 Byte  [62]
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!CreateServiceW                                            77768686 5 Bytes  JMP 001703FC 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!DeleteService                                             77768788 5 Bytes  JMP 00170600 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfigW                                      7776A26A 5 Bytes  JMP 00170A08 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!SetServiceObjectSecurity                                  777A3791 5 Bytes  JMP 00171014 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfigA                                      777A3891 5 Bytes  JMP 00170804 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfig2A                                     777A3A39 5 Bytes  JMP 00170C0C 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!ChangeServiceConfig2W                                     777A3B81 5 Bytes  JMP 00170E10 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] ADVAPI32.dll!CreateServiceA                                            777A3C41 5 Bytes  JMP 001701F8 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!UnhookWindowsHookEx                                         77507CE7 5 Bytes  JMP 00180A08 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!SetWindowsHookExA                                           7750891A 5 Bytes  JMP 00180600 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!SetWindowsHookExW                                           7750913D 5 Bytes  JMP 00180804 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!UnhookWinEvent                                              77512C03 5 Bytes  JMP 001803FC 
.text           C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe[3540] USER32.dll!SetWinEventHook                                             77519BFD 5 Bytes  JMP 001801F8 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ntdll.dll!LdrLoadDll                                                                        775CEB00 5 Bytes  JMP 67540C00 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ntdll.dll!LdrUnloadDll                                                                      775DBF0A 5 Bytes  JMP 000503FC 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!GetBinaryTypeW + 70                                                            76E8714D 1 Byte  [62]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!ActivateActCtx + 2C                                                            76E87379 7 Bytes  JMP 67777B29 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!VirtualQuery + 24                                                              76E8D172 7 Bytes  JMP 67543FAC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] kernel32.dll!VirtualAllocEx + 54                                                            76EA9BC5 7 Bytes  JMP 67777B4C C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!UnhookWindowsHookEx                                                              77507CE7 5 Bytes  JMP 00070A08 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!SetWindowsHookExA                                                                7750891A 5 Bytes  JMP 00070600 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!SetWindowsHookExW                                                                7750913D 5 Bytes  JMP 00070804 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!UnhookWinEvent                                                                   77512C03 5 Bytes  JMP 000703FC 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] USER32.dll!SetWinEventHook                                                                  77519BFD 5 Bytes  JMP 000701F8 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] GDI32.dll!SetTextAlign + E6                                                                 76FD7EEF 7 Bytes  JMP 67777AAA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!CreateServiceW                                                                 77768686 5 Bytes  JMP 000803FC 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!DeleteService                                                                  77768788 5 Bytes  JMP 00080600 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfigW                                                           7776A26A 5 Bytes  JMP 00080A08 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!SetServiceObjectSecurity                                                       777A3791 5 Bytes  JMP 00081014 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfigA                                                           777A3891 5 Bytes  JMP 00080804 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfig2A                                                          777A3A39 5 Bytes  JMP 00080C0C 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!ChangeServiceConfig2W                                                          777A3B81 5 Bytes  JMP 00080E10 
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3620] ADVAPI32.dll!CreateServiceA                                                                 777A3C41 5 Bytes  JMP 000801F8 
.text           C:\Windows\RtHDVCpl.exe[3740] ntdll.dll!LdrLoadDll                                                                                             775CEB00 5 Bytes  JMP 001501F8 
.text           C:\Windows\RtHDVCpl.exe[3740] ntdll.dll!LdrUnloadDll                                                                                           775DBF0A 5 Bytes  JMP 001503FC 
.text           C:\Windows\RtHDVCpl.exe[3740] kernel32.dll!GetBinaryTypeW + 70                                                                                 76E8714D 1 Byte  [62]
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!CreateServiceW                                                                                      77768686 5 Bytes  JMP 001703FC 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!DeleteService                                                                                       77768788 5 Bytes  JMP 00170600 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfigW                                                                                7776A26A 5 Bytes  JMP 00170A08 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!SetServiceObjectSecurity                                                                            777A3791 5 Bytes  JMP 00171014 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfigA                                                                                777A3891 5 Bytes  JMP 00170804 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfig2A                                                                               777A3A39 5 Bytes  JMP 00170C0C 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!ChangeServiceConfig2W                                                                               777A3B81 5 Bytes  JMP 00170E10 
.text           C:\Windows\RtHDVCpl.exe[3740] ADVAPI32.dll!CreateServiceA                                                                                      777A3C41 5 Bytes  JMP 001701F8 
.text           C:\Windows\RtHDVCpl.exe[3740] USER32.dll!UnhookWindowsHookEx                                                                                   77507CE7 5 Bytes  JMP 00180A08 
.text           C:\Windows\RtHDVCpl.exe[3740] USER32.dll!SetWindowsHookExA                                                                                     7750891A 5 Bytes  JMP 00180600 
.text           C:\Windows\RtHDVCpl.exe[3740] USER32.dll!SetWindowsHookExW                                                                                     7750913D 5 Bytes  JMP 00180804 
.text           C:\Windows\RtHDVCpl.exe[3740] USER32.dll!UnhookWinEvent                                                                                        77512C03 5 Bytes  JMP 001803FC 
.text           C:\Windows\RtHDVCpl.exe[3740] USER32.dll!SetWinEventHook                                                                                       77519BFD 5 Bytes  JMP 001801F8 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ntdll.dll!LdrLoadDll                                                775CEB00 5 Bytes  JMP 001501F8 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ntdll.dll!LdrUnloadDll                                              775DBF0A 5 Bytes  JMP 001503FC 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] kernel32.dll!GetBinaryTypeW + 70                                    76E8714D 1 Byte  [62]
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!UnhookWindowsHookEx                                      77507CE7 5 Bytes  JMP 00280A08 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!SetWindowsHookExA                                        7750891A 5 Bytes  JMP 00280600 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!SetWindowsHookExW                                        7750913D 5 Bytes  JMP 00280804 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!UnhookWinEvent                                           77512C03 5 Bytes  JMP 002803FC 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] USER32.dll!SetWinEventHook                                          77519BFD 5 Bytes  JMP 002801F8 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!CreateServiceW                                         77768686 5 Bytes  JMP 002903FC 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!DeleteService                                          77768788 5 Bytes  JMP 00290600 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfigW                                   7776A26A 5 Bytes  JMP 00290A08 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!SetServiceObjectSecurity                               777A3791 5 Bytes  JMP 00291014 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfigA                                   777A3891 5 Bytes  JMP 00290804 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfig2A                                  777A3A39 5 Bytes  JMP 00290C0C 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!ChangeServiceConfig2W                                  777A3B81 5 Bytes  JMP 00290E10 
.text           C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe[3992] ADVAPI32.dll!CreateServiceA                                         777A3C41 5 Bytes  JMP 002901F8 
.text           C:\Windows\servicing\TrustedInstaller.exe[4056] kernel32.dll!GetBinaryTypeW + 70                                                               76E8714D 1 Byte  [62]
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ntdll.dll!LdrLoadDll                                                                     775CEB00 5 Bytes  JMP 001601F8 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ntdll.dll!LdrUnloadDll                                                                   775DBF0A 5 Bytes  JMP 001603FC 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] kernel32.dll!GetBinaryTypeW + 70                                                         76E8714D 1 Byte  [62]
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!CreateServiceW                                                              77768686 5 Bytes  JMP 001703FC 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!DeleteService                                                               77768788 5 Bytes  JMP 00170600 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfigW                                                        7776A26A 5 Bytes  JMP 00170A08 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!SetServiceObjectSecurity                                                    777A3791 5 Bytes  JMP 00171014 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfigA                                                        777A3891 5 Bytes  JMP 00170804 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfig2A                                                       777A3A39 5 Bytes  JMP 00170C0C 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!ChangeServiceConfig2W                                                       777A3B81 5 Bytes  JMP 00170E10 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] ADVAPI32.dll!CreateServiceA                                                              777A3C41 5 Bytes  JMP 001701F8 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!UnhookWindowsHookEx                                                           77507CE7 5 Bytes  JMP 00280A08 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!SetWindowsHookExA                                                             7750891A 5 Bytes  JMP 00280600 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!SetWindowsHookExW                                                             7750913D 5 Bytes  JMP 00280804 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!UnhookWinEvent                                                                77512C03 5 Bytes  JMP 002803FC 
.text           C:\Program Files\Google\Update\GoogleUpdate.exe[4084] USER32.dll!SetWinEventHook                                                               77519BFD 5 Bytes  JMP 002801F8 
.text           C:\Windows\system32\SearchFilterHost.exe[4124] kernel32.dll!GetBinaryTypeW + 70                                                                76E8714D 1 Byte  [62]
.text           C:\Windows\system32\wuauclt.exe[4144] ntdll.dll!LdrLoadDll                                                                                     775CEB00 5 Bytes  JMP 000601F8 
.text           C:\Windows\system32\wuauclt.exe[4144] ntdll.dll!LdrUnloadDll                                                                                   775DBF0A 5 Bytes  JMP 000603FC 
.text           C:\Windows\system32\wuauclt.exe[4144] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Windows\system32\wuauclt.exe[4144] USER32.dll!UnhookWindowsHookEx                                                                           77507CE7 5 Bytes  JMP 00070A08 
.text           C:\Windows\system32\wuauclt.exe[4144] USER32.dll!SetWindowsHookExA                                                                             7750891A 5 Bytes  JMP 00070600 
.text           C:\Windows\system32\wuauclt.exe[4144] USER32.dll!SetWindowsHookExW                                                                             7750913D 5 Bytes  JMP 00070804 
.text           C:\Windows\system32\wuauclt.exe[4144] USER32.dll!UnhookWinEvent                                                                                77512C03 5 Bytes  JMP 000703FC 
.text           C:\Windows\system32\wuauclt.exe[4144] USER32.dll!SetWinEventHook                                                                               77519BFD 5 Bytes  JMP 000701F8 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!CreateServiceW                                                                              77768686 5 Bytes  JMP 000D03FC 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!DeleteService                                                                               77768788 5 Bytes  JMP 000D0600 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfigW                                                                        7776A26A 5 Bytes  JMP 000D0A08 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!SetServiceObjectSecurity                                                                    777A3791 5 Bytes  JMP 000D1014 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfigA                                                                        777A3891 5 Bytes  JMP 000D0804 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfig2A                                                                       777A3A39 5 Bytes  JMP 000D0C0C 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!ChangeServiceConfig2W                                                                       777A3B81 5 Bytes  JMP 000D0E10 
.text           C:\Windows\system32\wuauclt.exe[4144] ADVAPI32.dll!CreateServiceA                                                                              777A3C41 5 Bytes  JMP 000D01F8 
.text           C:\Users\Possehl\Downloads\7fvpumgp.exe[4308] kernel32.dll!GetBinaryTypeW + 70                                                                 76E8714D 1 Byte  [62]
.text           C:\Windows\system32\SearchProtocolHost.exe[5968] kernel32.dll!GetBinaryTypeW + 70                                                              76E8714D 1 Byte  [62]
.text           C:\Windows\system32\taskeng.exe[5996] kernel32.dll!GetBinaryTypeW + 70                                                                         76E8714D 1 Byte  [62]
.text           C:\Program Files\Alwil Software\Avast5\AvastUI.exe[6088] kernel32.dll!GetBinaryTypeW + 70                                                      76E8714D 1 Byte  [62]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\system32\services.exe[680] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW]                                   001B0002
IAT             C:\Windows\system32\services.exe[680] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW]                                         001B0000
IAT             C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1556] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                       [739DF6D0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                           [7404FBC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                       [7401B9AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                 [7400A31F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                   [7400CBFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                        [74008AB2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                               [7401CF28] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                       [74007D98] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                        [74007CFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                         [74006A64] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                 [7409C1D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                    [74027F56] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                       [740090CD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                 [74012179] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                [740121A4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                          [74017F1C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                           [74017D3E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2988] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                            [740483D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!MoveFileExW]       00010110
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetKeyState]         001B07D0
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\ole32.dll [USER32.dll!GetKeyState]           001B07D0
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW]       00010110
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW]       00010110
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetFocus]            001B0790
IAT             C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe[3096] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetKeyState]         001B07D0
IAT             C:\Program Files\Alwil Software\Avast5\AvastUI.exe[6088] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                        [739DF6D0] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll (Common functions/AVAST Software)

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                                                         aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                                        aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\tdx \Device\Udp                                                                                                                        aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----
         
OSAM logfile:

OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 00:23:21 on 26.09.2012

OS: Windows Vista Home Premium Edition (Build 6000), 32-bit
Default Browser: Google Inc. Google Chrome 21.0.1180.89

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job" - "Google Inc." - C:\Users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job" - "Google Inc." - C:\Users\Possehl\AppData\Local\Google\Update\GoogleUpdate.exe
"FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000Core.job" - "Facebook Inc." - C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe
"FacebookUpdateTaskUserS-1-5-21-314716326-1652771346-1621271911-1000UA.job" - "Facebook Inc." - C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BackItUp and BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero BackItUp & Burn\Nero BurnRights\NeroBurnRights_bb.cpl
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"catchme" (catchme) - ? - C:\Users\Possehl\AppData\Local\Temp\catchme.sys  (File not found)
"Huawei DataCard USB Modem and USB Serial" (hwdatacard) - ? - C:\Windows\System32\DRIVERS\ewusbmdm.sys  (File not found)
"Huawei DataCard USB PNP Device" (hwusbdev) - ? - C:\Windows\System32\DRIVERS\ewusbdev.sys  (File not found)
"HUAWEI USB-NDIS miniport" (ewusbnet) - ? - C:\Windows\System32\DRIVERS\ewusbnet.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
"uftdyfoc" (uftdyfoc) - ? - C:\Users\Possehl\AppData\Local\Temp\uftdyfoc.sys  (Hidden registry entry, rootkit activity | File not found)
"ZTE Diagnostic Port" (ZTEusbser6k) - ? - C:\Windows\System32\DRIVERS\ZTEusbser6k.sys  (File not found)
"ZTE NMEA Port" (ZTEusbnmea) - ? - C:\Windows\System32\DRIVERS\ZTEusbnmea.sys  (File not found)
"ZTE Proprietary USB Driver" (ZTEusbmdm6k) - ? - C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys  (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\ashShell.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

[Known DLLs]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----
"advapi32" - "Microsoft Corporation" - C:\Windows\system32\advapi32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"clbcatq" - "Microsoft Corporation" - C:\Windows\system32\clbcatq.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"COMDLG32" - "Microsoft Corporation" - C:\Windows\system32\COMDLG32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"gdi32" - "Microsoft Corporation" - C:\Windows\system32\gdi32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IERTUTIL" - "Microsoft Corporation" - C:\Windows\system32\IERTUTIL.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IMAGEHLP" - "Microsoft Corporation" - C:\Windows\system32\IMAGEHLP.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IMM32" - "Microsoft Corporation" - C:\Windows\system32\IMM32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"kernel32" - "Microsoft Corporation" - C:\Windows\system32\kernel32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"LPK" - "Microsoft Corporation" - C:\Windows\system32\LPK.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"MSCTF" - "Microsoft Corporation" - C:\Windows\system32\MSCTF.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"MSVCRT" - "Microsoft Corporation" - C:\Windows\system32\MSVCRT.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"NORMALIZ" - "Microsoft Corporation" - C:\Windows\system32\NORMALIZ.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"NSI" - "Microsoft Corporation" - C:\Windows\system32\NSI.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"ole32" - "Microsoft Corporation" - C:\Windows\system32\ole32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"OLEAUT32" - "Microsoft Corporation" - C:\Windows\system32\OLEAUT32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"rpcrt4" - "Microsoft Corporation" - C:\Windows\system32\rpcrt4.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"Setupapi" - "Microsoft Corporation" - C:\Windows\system32\Setupapi.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"SHELL32" - "Microsoft Corporation" - C:\Windows\system32\SHELL32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"SHLWAPI" - "Microsoft Corporation" - C:\Windows\system32\SHLWAPI.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"URLMON" - "Microsoft Corporation" - C:\Windows\system32\URLMON.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"user32" - "Microsoft Corporation" - C:\Windows\system32\user32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"USP10" - "Microsoft Corporation" - C:\Windows\system32\USP10.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WININET" - "Microsoft Corporation" - C:\Windows\system32\WININET.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WLDAP32" - "Microsoft Corporation" - C:\Windows\system32\WLDAP32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WS2_32" - "Microsoft Corporation" - C:\Windows\system32\WS2_32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Facebook Update" - "Facebook Inc." - "C:\Users\Possehl\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"NBAgent" - "Nero AG" - "C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PCL Language Monitor" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l692.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
"@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
"Adobe Active File Monitor V7" (AdobeActiveFileMonitor7.0) - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"FSCLBaseUpdaterService" (FSCLBaseUpdaterService) - ? - C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
"Fujitsu Siemens Computers Diagnostic Testhandler" (TestHandler) - "Fujitsu Siemens Computers" - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe
"Symantec Lic NetConnect service" (CLTNetCnService) - ? - "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon  (File not found)
"TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Fujitsu Siemens Computers" - c:\windows\system32\Fujits~1.scr

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

Bei dem Scan mit der aswMBR.exe bleibt das Programm bzw. der Scan immer wieder stecken und macht nach geraumer Zeit keine Anstalten weiter zu scannen.
Es kommt jedoch keine Fehler Meldung.

Alt 26.09.2012, 14:32   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Zitat:
Bei dem Scan mit der aswMBR.exe bleibt das Programm bzw. der Scan immer wieder stecken und macht nach geraumer Zeit keine Anstalten weiter zu scannen.
Es kommt jedoch keine Fehler Meldung.
Deswegen hab ich unter aswMBR noch einen Hinweis eingebaut
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.09.2012, 21:25   #27
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Klappte nun doch.

Code:
ATTFilter
 aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-26 21:53:50
-----------------------------
21:53:50.077    OS Version: Windows 6.0.6000 
21:53:50.077    Number of processors: 2 586 0x1706
21:53:50.077    ComputerName: POSSEHL-PC  UserName: Possehl
21:53:51.591    Initialize success
21:53:55.023    AVAST engine defs: 12092600
21:53:56.068    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:53:56.068    Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
21:53:56.130    Disk 0 MBR read successfully
21:53:56.130    Disk 0 MBR scan
21:53:56.130    Disk 0 Windows VISTA default MBR code
21:53:56.146    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12000 MB offset 2048
21:53:56.177    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       151650 MB offset 24578048
21:53:56.193    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        74823 MB offset 335157248
21:53:56.208    Disk 0 scanning sectors +488394752
21:53:56.255    Disk 0 scanning C:\Windows\system32\drivers
21:54:02.589    Service scanning
21:54:16.753    Modules scanning
21:54:20.435    Disk 0 trace - called modules:
21:54:20.466    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys 
21:54:20.466    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c46ad8]
21:54:20.482    3 ntkrnlpa.exe[824b0d35] -> nt!IofCallDriver -> [0x84c1c708]
21:54:20.482    5 acpi.sys[8046932a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84c26030]
21:54:21.402    AVAST engine scan C:\Windows
21:54:24.569    AVAST engine scan C:\Windows\system32
21:56:29.434    AVAST engine scan C:\Windows\system32\drivers
21:56:39.434    AVAST engine scan C:\Users\Possehl
22:17:33.456    AVAST engine scan C:\ProgramData
22:23:08.653    Scan finished successfully
22:23:53.004    Disk 0 MBR has been saved successfully to "C:\Users\Possehl\Documents\MBR.dat"
22:23:53.019    The log file has been saved successfully to "C:\Users\Possehl\Documents\aswMBR komplett.txt"
         

Alt 27.09.2012, 15:45   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 30.09.2012, 20:40   #29
dibbel91
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Entschuldigung bezüglich der Verspätung.

mbam logfile

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.30.03

Windows Vista x86 NTFS
Internet Explorer 8.0.6001.18882
Possehl :: POSSEHL-PC [Administrator]

Schutz: Aktiviert

30.09.2012 18:38:46
mbam-log-2012-09-30 (18-38-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 328557
Laufzeit: 1 Stunde(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Superantispyware Scan log

Code:
ATTFilter
 SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/30/2012 at 09:37 PM

Application Version : 5.5.1022

Core Rules Database Version : 9316
Trace Rules Database Version: 7128

Scan type       : Complete Scan
Total Scan Time : 01:45:05

Operating System Information
Windows Vista Home Premium 32-bit (Build 6.00.6000)
UAC On - Limited User (Administrator User)

Memory items scanned      : 672
Memory threats detected   : 0
Registry items scanned    : 35087
Registry threats detected : 0
File items scanned        : 125085
File threats detected     : 536

Adware.Tracking Cookie
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad2.adfarm1.adition[1].txt [ /ad2.adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad2.adfarm1.adition[3].txt [ /ad2.adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad2.adfarm1.adition[4].txt [ /ad2.adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ad3.adfarm1.adition[2].txt [ /ad3.adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adbrite[1].txt [ /adbrite ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adfarm1.adition[1].txt [ /adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adfarm1.adition[3].txt [ /adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adfarm1.adition[4].txt [ /adfarm1.adition ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adform[1].txt [ /adform ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adform[2].txt [ /adform ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@adply.plymedia[1].txt [ /adply.plymedia ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ads.adk2[2].txt [ /ads.adk2 ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@advertising[2].txt [ /advertising ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@apmebf[1].txt [ /apmebf ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@ar.atwola[1].txt [ /ar.atwola ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@at.atwola[2].txt [ /at.atwola ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[1].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[2].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[3].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[4].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[5].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[6].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atdmt[7].txt [ /atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@atwola[2].txt [ /atwola ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[1].txt [ /bs.serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[2].txt [ /bs.serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[3].txt [ /bs.serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@bs.serving-sys[5].txt [ /bs.serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[2].txt [ /c.atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[3].txt [ /c.atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[4].txt [ /c.atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[5].txt [ /c.atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[6].txt [ /c.atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@c.atdmt[7].txt [ /c.atdmt ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@cdn.at.atwola[2].txt [ /cdn.at.atwola ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@content.yieldmanager[1].txt [ /content.yieldmanager ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[1].txt [ /doubleclick ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[3].txt [ /doubleclick ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[4].txt [ /doubleclick ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@doubleclick[5].txt [ /doubleclick ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@imrworldwide[2].txt [ /imrworldwide ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@imrworldwide[3].txt [ /imrworldwide ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@mediaplex[2].txt [ /mediaplex ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@questionmarket[1].txt [ /questionmarket ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@questionmarket[2].txt [ /questionmarket ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[1].txt [ /serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[2].txt [ /serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[3].txt [ /serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[4].txt [ /serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@serving-sys[5].txt [ /serving-sys ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@sevenoneintermedia.112.2o7[1].txt [ /sevenoneintermedia.112.2o7 ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@tacoda.at.atwola[2].txt [ /tacoda.at.atwola ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@tacoda[2].txt [ /tacoda ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@track.adform[2].txt [ /track.adform ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@track.adform[3].txt [ /track.adform ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@tradedoubler[2].txt [ /tradedoubler ]
	C:\Users\Possehl\AppData\Roaming\Microsoft\Windows\Cookies\possehl@yadro[2].txt [ /yadro ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@myroitracking[1].txt [ Cookie:possehl@myroitracking.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tracking.mlsat02[2].txt [ Cookie:possehl@tracking.mlsat02.de/tmobile/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.dailyporntube[1].txt [ Cookie:possehl@www.dailyporntube.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@pornorama[1].txt [ Cookie:possehl@pornorama.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad3.adfarm1.adition[1].txt [ Cookie:possehl@ad3.adfarm1.adition.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@serving-sys[1].txt [ Cookie:possehl@serving-sys.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@gr.burstnet[1].txt [ Cookie:possehl@gr.burstnet.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adbrite[1].txt [ Cookie:possehl@adbrite.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.pornorama[2].txt [ Cookie:possehl@www.pornorama.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tacoda.at.atwola[1].txt [ Cookie:possehl@tacoda.at.atwola.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@imrworldwide[2].txt [ Cookie:possehl@imrworldwide.com/cgi-bin ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.pornhub[2].txt [ Cookie:possehl@www.pornhub.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fr.sitestat[1].txt [ Cookie:possehl@fr.sitestat.com/eurosport/yahoode/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@webmasterplan[1].txt [ Cookie:possehl@webmasterplan.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tracking.quisma[2].txt [ Cookie:possehl@tracking.quisma.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@clicksor[1].txt [ Cookie:possehl@clicksor.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@monoprix.solution.weborama[2].txt [ Cookie:possehl@monoprix.solution.weborama.fr/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@apmebf[2].txt [ Cookie:possehl@apmebf.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@revsci[2].txt [ Cookie:possehl@revsci.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad2.adfarm1.adition[2].txt [ Cookie:possehl@ad2.adfarm1.adition.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@invitemedia[1].txt [ Cookie:possehl@invitemedia.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@www.google[2].txt [ Cookie:possehl@www.google.com/accounts ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@euros4click[2].txt [ Cookie:possehl@euros4click.de/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@supremeadserver[1].txt [ Cookie:possehl@supremeadserver.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adserver.i3d[1].txt [ Cookie:possehl@adserver.i3d.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@burstnet[2].txt [ Cookie:possehl@burstnet.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@media6degrees[1].txt [ Cookie:possehl@media6degrees.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fr.sitestat[2].txt [ Cookie:possehl@fr.sitestat.com/eurosport/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@mediaplex[1].txt [ Cookie:possehl@mediaplex.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@doubleclick[1].txt [ Cookie:possehl@doubleclick.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fastclick[1].txt [ Cookie:possehl@fastclick.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adxpansion[1].txt [ Cookie:possehl@adxpansion.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@advertising[1].txt [ Cookie:possehl@advertising.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:possehl@microsoftinternetexplorer.112.2o7.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@collective-media[2].txt [ Cookie:possehl@collective-media.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad.adition[1].txt [ Cookie:possehl@ad.adition.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@at.atwola[2].txt [ Cookie:possehl@at.atwola.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@lucidmedia[1].txt [ Cookie:possehl@lucidmedia.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@zanox-affiliate[1].txt [ Cookie:possehl@zanox-affiliate.de/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@fl01.ct2.comclick[1].txt [ Cookie:possehl@fl01.ct2.comclick.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@vidsfucker[1].txt [ Cookie:possehl@vidsfucker.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ar.atwola[1].txt [ Cookie:possehl@ar.atwola.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@traffictrack[2].txt [ Cookie:possehl@traffictrack.de/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ad.yieldmanager[3].txt [ Cookie:possehl@ad.yieldmanager.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@smartadserver[2].txt [ Cookie:possehl@smartadserver.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@content.yieldmanager[2].txt [ Cookie:possehl@content.yieldmanager.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ero-advertising[1].txt [ Cookie:possehl@ero-advertising.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@tracking1.aleadpay[1].txt [ Cookie:possehl@tracking1.aleadpay.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@mygaypornotube[2].txt [ Cookie:possehl@mygaypornotube.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adxpose[1].txt [ Cookie:possehl@adxpose.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@yadro[1].txt [ Cookie:possehl@yadro.ru/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@dailyporntube[1].txt [ Cookie:possehl@dailyporntube.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@adviva[2].txt [ Cookie:possehl@adviva.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@statse.webtrendslive[2].txt [ Cookie:possehl@statse.webtrendslive.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@microsoftwindows.112.2o7[1].txt [ Cookie:possehl@microsoftwindows.112.2o7.net/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@zedo[2].txt [ Cookie:possehl@zedo.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@lightpornmovies[2].txt [ Cookie:possehl@lightpornmovies.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@trafficholder[1].txt [ Cookie:possehl@trafficholder.com/cgi-bin/traffic/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@bouyguestelecom.solution.weborama[2].txt [ Cookie:possehl@bouyguestelecom.solution.weborama.fr/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@xiti[1].txt [ Cookie:possehl@xiti.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@rts.pgmediaserve[1].txt [ Cookie:possehl@rts.pgmediaserve.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@vdwp.solution.weborama[2].txt [ Cookie:possehl@vdwp.solution.weborama.fr/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@questionmarket[2].txt [ Cookie:possehl@questionmarket.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@weborama[1].txt [ Cookie:possehl@weborama.fr/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@qporno[2].txt [ Cookie:possehl@qporno.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@pornhub[1].txt [ Cookie:possehl@pornhub.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@ru4[1].txt [ Cookie:possehl@ru4.com/ ]
	C:\USERS\POSSEHL\AppData\Roaming\Microsoft\Windows\Cookies\Low\possehl@statcounter[1].txt [ Cookie:possehl@statcounter.com/ ]
	C:\USERS\POSSEHL\Cookies\possehl@c.atdmt[7].txt [ Cookie:possehl@c.atdmt.com/ ]
	C:\USERS\POSSEHL\Cookies\possehl@atdmt[7].txt [ Cookie:possehl@atdmt.com/ ]
	.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad4.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.xiti.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.yieldmanager.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tribalfusion.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.harrenmedianetwork.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.xm.xtendmedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adnetwork.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.apmebf.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zanox.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.de.clickcompare.info [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.de.clickcompare.info [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.de.clickcompare.info [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adxpose.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	secure-uk.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2TW8RMYX ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADTECH[2].TXT [ /ADTECH ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@PARTYPOKER[1].TXT [ /PARTYPOKER ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.CREATIVE-SERVING[1].TXT [ /ADS.CREATIVE-SERVING ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@UNITYMEDIA[2].TXT [ /UNITYMEDIA ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@FREEPORNMPG[1].TXT [ /FREEPORNMPG ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ZANOX[1].TXT [ /ZANOX ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADSERVER.ADREACTOR[2].TXT [ /ADSERVER.ADREACTOR ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@COUNTER.HITSLINK[1].TXT [ /COUNTER.HITSLINK ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.LEADBOLT[1].TXT [ /AD.LEADBOLT ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.LEADBOLT[2].TXT [ /AD.LEADBOLT ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.FLING[2].TXT [ /ADS.FLING ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@NEDSTAT.HOSTELBOOKERS[1].TXT [ /NEDSTAT.HOSTELBOOKERS ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@NEDSTAT.HOSTELBOOKERS[2].TXT [ /NEDSTAT.HOSTELBOOKERS ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.ADK2[1].TXT [ /ADS.ADK2 ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD2.ADFARM1.ADITION[1].TXT [ /AD2.ADFARM1.ADITION ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@2O7[2].TXT [ /2O7 ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.LIVETV[1].TXT [ /ADS.LIVETV ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.ADC-SERV[2].TXT [ /AD.ADC-SERV ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@WWW.ACTIVE-TRACKING[1].TXT [ /WWW.ACTIVE-TRACKING ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.ZANOX[2].TXT [ /AD.ZANOX ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@TUBESEXCLIPS[1].TXT [ /TUBESEXCLIPS ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.QUARTERMEDIA[1].TXT [ /ADS.QUARTERMEDIA ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@MM.CHITIKA[2].TXT [ /MM.CHITIKA ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@TRAVELADVERTISING[2].TXT [ /TRAVELADVERTISING ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADULTFRIENDFINDER[2].TXT [ /ADULTFRIENDFINDER ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@INTERCLICK[1].TXT [ /INTERCLICK ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@EAS.APM.EMEDIATE[2].TXT [ /EAS.APM.EMEDIATE ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.ZEUSCLICKS[1].TXT [ /ADS.ZEUSCLICKS ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADVERTSTREAM[2].TXT [ /ADVERTSTREAM ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@IM.BANNER.T-ONLINE[1].TXT [ /IM.BANNER.T-ONLINE ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADS.CLICMANAGER[2].TXT [ /ADS.CLICMANAGER ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADX.CHIP[2].TXT [ /ADX.CHIP ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ANRTX.TACODA[1].TXT [ /ANRTX.TACODA ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@AD.360YIELD[2].TXT [ /AD.360YIELD ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@BANNERS.FACEBOOKOFSEX[1].TXT [ /BANNERS.FACEBOOKOFSEX ]
	C:\USERS\POSSEHL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\POSSEHL@REVSCI[1].TXT [ /REVSCI ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.rambler.ru [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	fr.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	dc.tremormedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	tracking.sim-technik.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	toi-rvp-ticker-01.odmedia.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adviva.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	toi-rvp-ticker-01.odmedia.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adinterax.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ads2.medianord.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mm.chitika.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	wstat.wibiya.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.harrenmedianetwork.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ads.247activemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	adsrv1.admediate.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.solocpm.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tto2.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.eyewonder.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adnetwork.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mapsofindia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.gostats.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	timesofindia.indiatimes.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	timesofindia.indiatimes.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	timesofindia.indiatimes.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradetracker.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	server.adformdsp.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adformdsp.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.skydeutschland.122.2o7.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adxpose.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.xm.xtendmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	tomtailor.dyntracker.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.unister-adservices.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	eas5.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	eas5.emediate.eu [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.aim4media.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tracker.vinsight.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adinterax.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\POSSEHL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HR5JDBU4.DEFAULT\COOKIES.SQLITE ]
         

Alt 01.10.2012, 13:04   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast blockiert URL bei Google Chrome - Standard

Avast blockiert URL bei Google Chrome



Code:
ATTFilter
UAC On - Limited User
         
Wie hast du SUPERAntiSpyware gestartet? Einfach per Doppelklick?
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Avast blockiert URL bei Google Chrome
ahnung, appdata, blockiert, bösartige, bösartige website, chrome, fahren, frühen, google, google chrome, hijack.startpage, hoffe, keine ahnung, local, melde, meldet, meldung, pup.codec.pr, pup.vshareredir, scanner, users, viren, viren scanner, website



Ähnliche Themen: Avast blockiert URL bei Google Chrome


  1. ESET hat Diverses gefunden, Laptop extrem langsam, andauernde Fehlermeldungen Chrome"Ups Google Chrome ...."
    Plagegeister aller Art und deren Bekämpfung - 19.07.2015 (165)
  2. Kaum mache ich Google Chrome an sagt Avast ich hätte Virenseiten am start
    Plagegeister aller Art und deren Bekämpfung - 28.06.2015 (20)
  3. avast blockiert Websites auf Win 7
    Plagegeister aller Art und deren Bekämpfung - 08.05.2015 (19)
  4. Avast Meldung: Virus von IP ... blockiert
    Plagegeister aller Art und deren Bekämpfung - 24.02.2015 (13)
  5. Windows 7 x64, Avast blockiert im sekundentakt werbung, Google chrome erweiterung "Unisiallees" unbekannt nicht löschbar
    Log-Analyse und Auswertung - 22.01.2015 (17)
  6. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)
  7. Avast Web-Schutz blockiert Firefoxseiten (google usw.)
    Antiviren-, Firewall- und andere Schutzprogramme - 05.12.2014 (4)
  8. Win 7:Langsam , Chrome mit Werbung überfüllt, Avast meldet ständig
    Log-Analyse und Auswertung - 29.11.2014 (17)
  9. Avast durch Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 18.09.2014 (19)
  10. Avast von Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 21.06.2014 (33)
  11. Avast durch Gruppenrichtlinie blockiert
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (13)
  12. Avast durch Gruppenrichtlinie blockiert
    Log-Analyse und Auswertung - 30.04.2014 (11)
  13. Win 7: Google Chrome/Mozilla firefox lässt vermehrt Werbung auf Webseiten zu & Google Suchergebnisse scheinen manipuliert zu sein
    Log-Analyse und Auswertung - 29.04.2014 (8)
  14. Ständige Popups in Chrome sowie Firefox, langsames Internet, Avast findet keine Fehler
    Log-Analyse und Auswertung - 24.03.2014 (21)
  15. avast blockiert Firefox-Bedrohung
    Log-Analyse und Auswertung - 16.07.2012 (44)
  16. Google Chrome leitet Trojaner-Board Treffer bei Google auf dollarade.com um!
    Diskussionsforum - 07.02.2012 (18)
  17. Google Links werden umgeleitet und Avast blockiert
    Log-Analyse und Auswertung - 06.10.2008 (1)

Zum Thema Avast blockiert URL bei Google Chrome - Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis : Bitte den Virenscanner abstellen bevor du den - Avast blockiert URL bei Google Chrome...
Archiv
Du betrachtest: Avast blockiert URL bei Google Chrome auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.