Trojaner-Board - system restore virus verursacht Abstürze und alle mein Dateien & Programme sind geblockt/versteckt

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - system restore virus verursacht Abstürze und alle mein Dateien & Programme sind geblockt/versteckt (https://www.trojaner-board.de/104883-system-restore-virus-verursacht-abstuerze-alle-dateien-programme-geblockt-versteckt.html)

system restore virus verursacht Abstürze und alle mein Dateien & Programme sind geblockt/versteckt

Hey,
erst einmal muss ich sagen, dass ich nicht wirklich viel Ahnung von Computern habe und werde aber versuchen alle Anweisungen zu verstehen und blöde Fragen zu vermeiden.
Also seit etwas mehr als einer Woche habe ich den System restore Virus auf meinem Laptop, dass bedeutet, wenn ich ihn hochfahre, öffnet sich ein Fenster, dass mir versucht klar zumachen, dass es eine Anwendung von Windows ist und bei einem Scan festgestellt hat, dass ich diverse Hardware Probleme auf meine Laptop habe und ein bestimmtes Programm kaufen muss um diese zu reparieren. Außerdem ist mein Desktop komplett schwarz und nur noch der Papierkorb ist vorhanden, alle meine anderen Dateien und Programme scheinen aber verschwunden zu sein. Wenn ich auf das Windows Start Zeichen klicke, öffnet sich zwar die Leiste, aber es ist alles leer und mir wird nichts mehr angezeigt. Auch meine Festplatten werden mir als 'leere Ordner' angezeigt, obwohl ich sehen kann, dass sie belegt sind.
Es ist nur möglich meinen Laptop überhaupt zu benutzen und aufs Internet zu greifen zu können, da sich mein Skype automatisch öffnet und ich dann über Links firefox öffnen kann.
Ich habe das alles gegoogelt aber um den Virus zu entfernen, heißt es meisten man sollte bestimmte registry einträge löschen, was mir allerdings zu riskant ist, da ich Angst habe mehr zu zerstören als zu reparieren.
Also ich hoffe ihr könnt mir helfen, ich bin nämlich etwas aufgeschmissen und sage schon mal im Voraus ganz ganz vielen Dank!!

Hier meine OTL.txt:

OTL logfile created on: 07.11.2011 08:35:10 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Theresa\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 62,96% Memory free
7,83 Gb Paging File | 5,92 Gb Available in Paging File | 75,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,23 Gb Total Space | 24,29 Gb Free Space | 20,37% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 83,84 Gb Free Space | 54,49% Space Free | Partition Type: NTFS

Computer Name: THERESA-PC | User Name: Theresa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.07 08:31:39 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theresa\Downloads\OTL.exe
PRC - [2011.11.07 08:25:14 | 000,050,477 | ---- | M] () -- C:\Users\Theresa\Downloads\Defogger.exe
PRC - [2011.10.05 09:18:00 | 000,086,224 | -H-- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.05 09:17:51 | 000,110,032 | -H-- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.05 09:17:50 | 000,258,512 | -H-- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.08.31 16:00:48 | 000,366,152 | -H-- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.31 14:33:32 | 001,545,856 | -H-- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011.07.28 18:08:12 | 001,259,376 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.06.06 05:55:28 | 000,064,952 | -H-- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.07 04:53:49 | 003,058,304 | -H-- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.02.22 05:38:52 | 002,009,704 | -H-- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.01.25 13:32:28 | 000,166,528 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.11.15 12:42:12 | 000,305,792 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010.10.07 16:05:14 | 000,170,624 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.09.23 18:53:16 | 001,601,536 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.09.13 22:45:56 | 000,219,496 | -H-- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.09.13 22:45:44 | 000,508,264 | -H-- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.08.17 16:55:42 | 005,732,992 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.07.19 15:26:00 | 000,370,480 | -H-- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010.07.19 15:26:00 | 000,145,184 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010.07.10 00:45:00 | 000,984,400 | -H-- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009.12.15 12:39:38 | 000,096,896 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.02 17:21:26 | 000,103,720 | -H-- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.06.19 12:29:42 | 000,105,016 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 12:29:26 | 002,488,888 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 19:30:42 | 000,084,536 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 14:31:10 | 001,153,368 | -H-- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.12.22 19:15:34 | 000,174,648 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.13 23:00:08 | 000,113,208 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2006.10.11 05:45:12 | 000,075,304 | -H-- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

========== Modules (No Company Name) ==========

MOD - [2011.11.07 08:25:14 | 000,050,477 | ---- | M] () -- C:\Users\Theresa\Downloads\Defogger.exe
MOD - [2011.10.14 11:18:09 | 000,368,128 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll
MOD - [2011.10.14 11:17:30 | 014,322,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll
MOD - [2011.10.14 11:17:12 | 012,431,360 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.14 11:17:03 | 001,586,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.14 11:16:59 | 012,216,320 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll
MOD - [2011.10.14 11:16:46 | 003,325,952 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011.10.14 11:16:39 | 005,452,800 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.14 11:16:34 | 000,971,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.14 11:16:33 | 007,949,312 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.14 11:16:24 | 011,490,304 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.09.27 06:23:00 | 000,087,912 | -H-- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | -H-- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.08.31 14:33:32 | 000,208,384 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011.07.28 18:09:42 | 000,096,112 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.28 18:08:12 | 001,259,376 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.09.23 18:53:16 | 001,601,536 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.11.02 17:23:36 | 000,013,096 | -H-- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 17:20:10 | 000,619,816 | -H-- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.08.04 04:50:05 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.08.04 04:49:43 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.03.03 18:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.22 21:10:10 | 000,057,184 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011.10.05 09:18:00 | 000,086,224 | -H-- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.05 09:17:51 | 000,110,032 | -H-- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.31 16:00:48 | 000,366,152 | -H-- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.06 05:55:28 | 000,064,952 | -H-- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.02.22 05:38:52 | 002,009,704 | -H-- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.01.12 10:50:28 | 000,332,272 | -H-- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010.09.13 22:45:56 | 000,219,496 | -H-- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.09.13 22:45:44 | 000,508,264 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.03.18 06:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 12:39:38 | 000,096,896 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.15 19:30:42 | 000,084,536 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.26 14:31:10 | 001,153,368 | -H-- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.18 07:39:27 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.09.15 22:55:03 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.09.15 22:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.31 16:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.03.11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.21 03:07:54 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.01.26 19:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.13 06:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.12.13 16:12:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.10.14 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.23 03:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.21 20:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.13 22:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.09.13 22:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.09.13 22:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.09.13 22:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.09.13 05:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.08.03 13:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.03.02 11:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 06:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.05.23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010.07.26 15:57:20 | 000,017,024 | -H-- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.02 19:36:14 | 000,015,416 | -H-- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9F 08 E8 0A 4F A6 BA 4D B9 6B 5D 43 F0 A6 04 45 [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 49434
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.01 20:08:54 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.12 14:16:06 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.12 14:16:05 | 000,000,000 | -H-D | M]

[2011.08.01 12:44:41 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Theresa\AppData\Roaming\mozilla\Extensions
[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Theresa\AppData\Roaming\mozilla\Firefox\Profiles\vo3088lh.default\extensions
[2011.11.01 20:13:42 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Theresa\AppData\Roaming\mozilla\Firefox\Profiles\vo3088lh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.11.01 20:13:42 | 000,000,000 | -H-D | M] (We-Care Reminder) -- C:\Users\Theresa\AppData\Roaming\mozilla\Firefox\Profiles\vo3088lh.default\extensions\wecarereminder@bryan
[2011.09.22 13:53:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.11.01 20:09:04 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.09.30 23:03:32 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.22 13:52:56 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.30 23:03:29 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.30 23:03:29 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.30 23:03:29 | 000,001,153 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.30 23:03:29 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.30 23:03:29 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.30 23:03:29 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.10.11 17:33:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Reg Error: Value error.) - {0AE8089F-A64F-4DBA-B96B-5D43F0A60445} - C:\Users\Theresa\AppData\Local\NetworkWin32.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [Clients Update] rundll32 ",DllRegisterServer File not found
O4 - HKCU..\Run: [Macromedia Update] rundll32 ",DllRegisterServer File not found
O4 - HKCU..\Run: [MouseProfileVerifier] rundll32.exe ",DllRegisterServer File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O4 - Startup: C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D585AA05-9E9D-4165-859A-099645FB6A55}: DhcpNameServer = 192.168.1.1 71.250.0.12
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.11.06 00:44:31 | 000,000,000 | ---D | C] -- C:\Users\Theresa\Desktop\fb
[2011.11.01 17:22:07 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%USERPROFILE%
[2011.11.01 16:45:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.10.29 15:00:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.29 15:00:36 | 000,000,000 | -H-D | C] -- C:\Program Files\CCleaner
[2011.10.28 16:46:25 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
[2011.10.28 15:40:57 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Desktop\usa
[2011.10.20 09:48:36 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Desktop\data
[2011.10.20 09:24:48 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Download Manager
[2011.10.20 08:07:43 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2011.10.20 07:42:18 | 000,000,000 | -H-D | C] -- C:\Windows\Sun
[2011.10.14 15:31:04 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\gtk-2.0
[2011.10.14 15:28:19 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\.thumbnails
[2011.10.13 15:20:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\.Syncables
[2011.10.13 15:19:28 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Desktop\ping
[2011.10.12 15:49:49 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Externe Festplatte
[2011.10.12 14:25:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.10.12 14:24:38 | 000,000,000 | -H-D | C] -- C:\Program Files\iTunes
[2011.10.12 14:24:38 | 000,000,000 | -H-D | C] -- C:\Program Files\iPod
[2011.10.12 14:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files\Bonjour
[2011.10.12 14:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Bonjour
[2011.10.12 14:16:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.10.12 14:15:52 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\QuickTime
[2011.10.12 07:12:15 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Avira
[2011.10.12 07:12:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.10.12 07:11:53 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.10.12 07:11:53 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.10.12 07:11:53 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.10.12 07:11:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Avira
[2011.10.12 07:11:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Avira
[2011.10.11 17:38:37 | 000,000,000 | -H-D | C] -- C:\Windows\temp
[2011.10.11 17:33:10 | 000,000,000 | -H-D | C] -- C:\$RECYCLE.BIN
[2011.10.11 16:45:15 | 000,518,144 | -H-- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.10.11 16:45:15 | 000,406,528 | -H-- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.10.11 16:45:15 | 000,060,416 | -H-- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.10.11 16:45:11 | 000,000,000 | -H-D | C] -- C:\Windows\ERDNT
[2011.10.11 16:45:08 | 000,000,000 | -H-D | C] -- C:\Qoobox
[2011.10.11 16:28:17 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Local\jZip
[2011.10.11 16:27:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
[2011.10.11 16:27:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\jZip
[2011.10.10 22:05:06 | 000,000,000 | -HSD | C] -- C:\Users\Theresa\AppData\Roaming\C4136249
[2011.10.08 21:01:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\Symantec
[2011.10.08 21:01:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\Norton
[2011.10.08 21:01:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\NortonInstaller
[2011.10.08 21:01:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\NortonInstaller
[1 C:\Users\Theresa\Desktop\*.tmp files -> C:\Users\Theresa\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.07 08:31:05 | 000,000,000 | ---- | M] () -- C:\Users\Theresa\defogger_reenable
[2011.11.07 08:13:50 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.07 08:13:50 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.07 08:10:23 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.07 08:10:23 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.07 08:10:23 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.07 08:10:23 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.07 08:10:23 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.07 08:06:13 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011.11.07 08:06:07 | 000,001,120 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.07 08:05:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.07 08:05:39 | 3151,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.06 23:59:00 | 000,001,124 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.02 10:13:20 | 000,203,577 | -H-- | M] () -- C:\Users\Theresa\Desktop\IMG_02112011_151244.png
[2011.11.01 18:08:11 | 000,323,968 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
[2011.11.01 18:01:15 | 000,002,454 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.11.01 17:13:48 | 000,000,085 | -H-- | M] () -- C:\Windows\wininit.ini
[2011.11.01 16:45:42 | 000,001,256 | -H-- | M] () -- C:\Users\Theresa\Desktop\Spybot - Search & Destroy.lnk
[2011.10.29 16:46:15 | 000,043,198 | -H-- | M] () -- C:\Users\Theresa\Desktop\samstag 16.juli.jpg
[2011.10.29 16:45:55 | 000,020,869 | -H-- | M] () -- C:\Users\Theresa\Desktop\a.jpg
[2011.10.29 14:51:59 | 000,059,776 | -H-- | M] () -- C:\Users\Theresa\Desktop\You will not need a program called System Recovery if there.odt
[2011.10.29 09:12:25 | 000,000,192 | -H-- | M] () -- C:\ProgramData\~9lVK7dmpdonxRW
[2011.10.29 09:12:25 | 000,000,088 | -H-- | M] () -- C:\ProgramData\~9lVK7dmpdonxRWr
[2011.10.29 09:12:14 | 000,000,336 | -H-- | M] () -- C:\ProgramData\9lVK7dmpdonxRW
[2011.10.28 23:33:51 | 000,000,224 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.28 23:33:50 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.28 23:33:36 | 000,000,336 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.28 16:49:33 | 000,000,440 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.28 16:46:44 | 000,000,224 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.28 16:46:44 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.28 16:46:25 | 000,000,659 | -H-- | M] () -- C:\Users\Theresa\Desktop\System Restore.lnk
[2011.10.20 09:45:49 | 000,364,927 | -H-- | M] () -- C:\Users\Theresa\Documents\WinFlash_WIN7_32_WIN7_64_z2310.zip
[2011.10.14 15:31:04 | 000,001,470 | -H-- | M] () -- C:\Users\Theresa\.recently-used.xbel
[2011.10.14 11:14:43 | 000,293,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.11 17:33:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.10.08 20:56:04 | 000,001,259 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[1 C:\Users\Theresa\Desktop\*.tmp files -> C:\Users\Theresa\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.07 08:31:05 | 000,000,000 | ---- | C] () -- C:\Users\Theresa\defogger_reenable
[2011.11.02 10:12:59 | 000,203,577 | -H-- | C] () -- C:\Users\Theresa\Desktop\IMG_02112011_151244.png
[2011.11.01 18:08:11 | 000,323,968 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP.exe
[2011.11.01 17:13:48 | 000,000,085 | -H-- | C] () -- C:\Windows\wininit.ini
[2011.11.01 16:45:42 | 000,001,256 | -H-- | C] () -- C:\Users\Theresa\Desktop\Spybot - Search & Destroy.lnk
[2011.10.29 16:46:02 | 000,043,198 | -H-- | C] () -- C:\Users\Theresa\Desktop\samstag 16.juli.jpg
[2011.10.29 16:45:33 | 000,020,869 | -H-- | C] () -- C:\Users\Theresa\Desktop\a.jpg
[2011.10.29 14:51:56 | 000,059,776 | -H-- | C] () -- C:\Users\Theresa\Desktop\You will not need a program called System Recovery if there.odt
[2011.10.29 09:12:25 | 000,000,088 | -H-- | C] () -- C:\ProgramData\~9lVK7dmpdonxRWr
[2011.10.29 09:12:24 | 000,000,192 | -H-- | C] () -- C:\ProgramData\~9lVK7dmpdonxRW
[2011.10.29 09:12:14 | 000,000,336 | -H-- | C] () -- C:\ProgramData\9lVK7dmpdonxRW
[2011.10.28 23:33:50 | 000,000,224 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.28 23:33:50 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.28 23:33:36 | 000,000,336 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.28 16:46:44 | 000,000,224 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.28 16:46:44 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.28 16:46:25 | 000,000,659 | -H-- | C] () -- C:\Users\Theresa\Desktop\System Restore.lnk
[2011.10.28 16:46:22 | 000,000,440 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.20 09:45:53 | 000,055,936 | -H-- | C] () -- C:\Users\Theresa\Desktop\Setup.exe
[2011.10.20 09:25:00 | 000,364,927 | -H-- | C] () -- C:\Users\Theresa\Documents\WinFlash_WIN7_32_WIN7_64_z2310.zip
[2011.10.14 15:31:04 | 000,001,470 | -H-- | C] () -- C:\Users\Theresa\.recently-used.xbel
[2011.10.11 16:45:15 | 000,256,000 | -H-- | C] () -- C:\Windows\PEV.exe
[2011.10.11 16:45:15 | 000,208,896 | -H-- | C] () -- C:\Windows\MBR.exe
[2011.10.11 16:45:15 | 000,098,816 | -H-- | C] () -- C:\Windows\sed.exe
[2011.10.11 16:45:15 | 000,080,412 | -H-- | C] () -- C:\Windows\grep.exe
[2011.10.11 16:45:15 | 000,068,096 | -H-- | C] () -- C:\Windows\zip.exe
[2011.08.05 11:40:12 | 000,000,428 | -H-- | C] () -- C:\Windows\MAXLINK.INI
[2011.08.01 14:24:55 | 001,557,708 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.08 01:40:56 | 000,960,940 | -H-- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.04.08 01:40:54 | 000,213,332 | -H-- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.04.08 01:40:53 | 000,145,804 | -H-- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009.10.25 22:38:22 | 000,000,176 | -H-- | C] () -- C:\Windows\explorer.exe.config
[2009.07.29 00:20:40 | 000,000,010 | -H-- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.13 21:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.13 21:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Asus WebStorage
[2011.10.10 22:20:10 | 000,000,000 | -HSD | M] -- C:\Users\Theresa\AppData\Roaming\C4136249
[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Canon
[2011.09.06 20:24:40 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DVDVideoSoft
[2011.08.06 11:44:07 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\gtk-2.0
[2011.08.01 12:26:26 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Nuance
[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\OpenOffice.org
[2011.08.05 11:32:30 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\ScanSoft
[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\SoftGrid Client
[2011.10.04 22:16:03 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\TIPP10
[2011.08.01 14:25:38 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\TP
[2011.11.01 20:10:14 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Zeon
[2011.10.24 18:44:12 | 000,032,614 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2011.11.01 20:05:37 | 000,000,000 | -H-D | M] -- C:\$RECYCLE.BIN
[2011.08.01 12:07:47 | 000,000,000 | -H-D | M] -- C:\ASUS.DAT
[2011.11.01 20:05:37 | 000,000,000 | -H-D | M] -- C:\AsusVibeData
[2009.07.29 01:03:34 | 000,000,000 | -H-D | M] -- C:\Boot
[2009.07.14 00:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.11.01 20:08:44 | 000,000,000 | -H-D | M] -- C:\eSupport
[2011.05.07 04:38:20 | 000,000,000 | -H-D | M] -- C:\Intel
[2009.07.13 22:20:08 | 000,000,000 | -H-D | M] -- C:\PerfLogs
[2011.11.01 20:09:16 | 000,000,000 | RH-D | M] -- C:\Program Files
[2011.11.01 20:09:14 | 000,000,000 | RH-D | M] -- C:\Program Files (x86)
[2011.11.04 12:54:34 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.11.01 20:09:30 | 000,000,000 | -H-D | M] -- C:\Qoobox
[2011.08.01 12:02:53 | 000,000,000 | -H-D | M] -- C:\Recovery
[2011.11.07 08:36:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.08.01 12:26:31 | 000,000,000 | -H-D | M] -- C:\temp
[2011.10.05 07:13:27 | 000,000,000 | RH-D | M] -- C:\Users
[2011.11.01 17:59:48 | 000,000,000 | -H-D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >

< MD5 for: EXPLORER.EXE >
[2011.02.26 01:23:14 | 002,870,272 | -H-- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.01.12 09:51:11 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 07:17:09 | 002,616,320 | -H-- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.01.12 09:25:40 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2011.01.12 09:51:11 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2011.01.12 09:25:41 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 08:24:45 | 002,872,320 | -H-- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2011.01.12 09:51:11 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2011.01.12 09:25:41 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.01.12 09:51:11 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011.01.12 09:25:41 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.13 20:39:29 | 000,427,008 | -H-- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\ERDNT\cache86\regedit.exe
[2009.07.13 20:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.13 20:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.13 20:14:30 | 000,398,336 | -H-- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.13 20:14:30 | 000,398,336 | -H-- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.20 07:17:48 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.13 20:14:43 | 000,026,112 | -H-- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009.07.13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.13 20:39:48 | 000,030,208 | -H-- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009.07.13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 08:25:24 | 000,030,720 | -H-- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.13 20:39:52 | 000,129,024 | -H-- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\ERDNT\cache64\wininit.exe
[2009.07.13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.13 20:14:45 | 000,096,256 | -H-- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache86\wininit.exe
[2009.07.13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 08:25:30 | 000,390,656 | -H-- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011.01.12 09:51:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011.01.12 09:51:11 | 000,389,632 | -H-- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2011.01.12 09:51:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2011.01.12 09:51:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >

Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Danke für die schnelle Antwort, jetzt hab ich auch endlich wieder Hoffnung, dass es bald besser wird!
also erst mal das von Malwarebytes, davon hab ich übrigens noch circa 10 ältere logdateien vom 25.09.2011 bis heute, soll ich die auch alle hier rein posten?

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8106

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.11.2011 12:16:16
mbam-log-2011-11-07 (12-16-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Durchsuchte Objekte: 414316
Laufzeit: 39 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\1kalmig2kb7fzp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\temp\0.24309769012679938.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Theresa\AppData\Local\Temp\0.9370119253246323.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Theresa\AppData\Local\Temp\0.9815571781474048.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Theresa\AppData\Local\Temp\thpm5103442861355300949.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.

und jetzt das von dem anderen:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=f98c406be858c44893427ebea98158e7
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-07 07:09:02
# local_time=2011-11-07 02:09:02 (-0500, Eastern Normalzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 1344312 1344312 0 0
# compatibility_mode=5893 16776573 100 94 0 72230875 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=218005
# found=3
# cleaned=0
# scan_time=5517
C:\Qoobox\Quarantine\C\Windows\SysWOW64\drivers\RKHit.sys.vir Win32/Adware.SpywareCease application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Theresa\Downloads\Gimp_Setup.exe a variant of Win32/Adware.iBryte.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Theresa\Downloads\Spydig_Setup.exe multiple threats (unable to clean) 00000000000000000000000000000000 I

mach bitte ein neues OTL-Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

here we goOTL Logfile:

Code:

OTL logfile created on: 07.11.2011 16:48:42 - Run 2

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Theresa\Desktop

64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,91 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 40,12% Memory free

7,83 Gb Paging File | 4,81 Gb Available in Paging File | 61,44% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 119,23 Gb Total Space | 21,73 Gb Free Space | 18,23% Space Free | Partition Type: NTFS

Drive D: | 153,85 Gb Total Space | 83,84 Gb Free Space | 54,49% Space Free | Partition Type: NTFS

Drive F: | 979,70 Mb Total Space | 964,03 Mb Free Space | 98,40% Space Free | Partition Type: FAT

 

Computer Name: THERESA-PC | User Name: Theresa | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.11.07 16:46:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theresa\Desktop\OTL(1).exe

PRC - [2011.10.05 09:18:00 | 000,086,224 | -H-- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011.10.05 09:17:51 | 000,110,032 | -H-- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.10.05 09:17:50 | 000,258,512 | -H-- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Theresa\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.08.31 14:33:32 | 001,545,856 | -H-- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

PRC - [2011.07.28 18:08:12 | 001,259,376 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

PRC - [2011.06.06 05:55:28 | 000,064,952 | -H-- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011.05.07 04:53:49 | 003,058,304 | -H-- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2011.02.22 05:38:52 | 002,009,704 | -H-- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011.01.25 13:32:28 | 000,166,528 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2010.11.15 12:42:12 | 000,305,792 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - [2010.10.27 14:21:54 | 001,155,072 | -H-- | M] (Last.fm) -- C:\Program Files (x86)\Last.fm\LastFM.exe

PRC - [2010.10.07 16:05:14 | 000,170,624 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

PRC - [2010.09.23 18:53:16 | 001,601,536 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

PRC - [2010.09.13 22:45:56 | 000,219,496 | -H-- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010.09.13 22:45:44 | 000,508,264 | -H-- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010.08.17 16:55:42 | 005,732,992 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - [2010.07.19 15:26:00 | 000,370,480 | -H-- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe

PRC - [2010.07.19 15:26:00 | 000,145,184 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe

PRC - [2010.07.10 00:45:00 | 000,984,400 | -H-- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

PRC - [2009.12.15 12:39:38 | 000,096,896 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009.11.02 17:21:26 | 000,103,720 | -H-- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009.07.13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe

PRC - [2009.07.13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe

PRC - [2009.06.19 12:29:42 | 000,105,016 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

PRC - [2009.06.19 12:29:26 | 002,488,888 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009.06.15 19:30:42 | 000,084,536 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2009.01.26 14:31:10 | 001,153,368 | -H-- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008.12.22 19:15:34 | 000,174,648 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

PRC - [2008.08.13 23:00:08 | 000,113,208 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

PRC - [2006.10.11 05:45:12 | 000,075,304 | -H-- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.10.14 11:18:09 | 000,368,128 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll

MOD - [2011.10.14 11:17:30 | 014,322,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll

MOD - [2011.10.14 11:17:12 | 012,431,360 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll

MOD - [2011.10.14 11:17:03 | 001,586,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll

MOD - [2011.10.14 11:16:59 | 012,216,320 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll

MOD - [2011.10.14 11:16:46 | 003,325,952 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll

MOD - [2011.10.14 11:16:39 | 005,452,800 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll

MOD - [2011.10.14 11:16:34 | 000,971,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll

MOD - [2011.10.14 11:16:33 | 007,949,312 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll

MOD - [2011.10.14 11:16:24 | 011,490,304 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll

MOD - [2011.09.27 06:23:00 | 000,087,912 | -H-- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.09.27 06:22:40 | 001,242,472 | -H-- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.08.31 14:33:32 | 000,208,384 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll

MOD - [2011.07.28 18:09:42 | 000,096,112 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011.07.28 18:08:12 | 001,259,376 | -H-- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

MOD - [2010.10.27 14:23:04 | 000,106,496 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll

MOD - [2010.10.27 14:22:08 | 000,147,456 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\srv_madtranscode.dll

MOD - [2010.10.27 14:22:00 | 000,028,160 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\srv_httpinput.dll

MOD - [2010.10.27 14:19:28 | 000,372,736 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll

MOD - [2010.10.27 14:19:06 | 000,025,088 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\breakpad.dll

MOD - [2010.10.27 14:18:50 | 000,180,224 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\Moose1.dll

MOD - [2010.10.27 14:18:34 | 000,540,672 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\LastFmTools1.dll

MOD - [2010.10.27 14:13:52 | 001,382,507 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\libfftw3f-3.dll

MOD - [2010.10.27 14:13:52 | 000,074,240 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\zlibwapi.dll

MOD - [2010.09.23 18:53:16 | 001,601,536 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

MOD - [2009.11.02 17:23:36 | 000,013,096 | -H-- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - [2009.11.02 17:20:10 | 000,619,816 | -H-- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

MOD - [2009.08.04 04:50:05 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll

MOD - [2009.08.04 04:49:43 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2009.07.13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe

MOD - [2008.04.16 10:42:30 | 000,376,832 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\QtNetwork4.dll

MOD - [2008.04.16 10:42:16 | 000,524,288 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\QtSql4.dll

MOD - [2008.04.16 10:42:02 | 006,701,056 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\QtGui4.dll

MOD - [2008.04.16 10:36:38 | 000,376,832 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\QtXml4.dll

MOD - [2008.04.16 10:36:34 | 001,654,784 | -H-- | M] () -- C:\Program Files (x86)\Last.fm\QtCore4.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2011.03.03 18:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)

SRV:64bit: - [2010.09.22 21:10:10 | 000,057,184 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2009.07.13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2011.10.05 09:18:00 | 000,086,224 | -H-- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.10.05 09:17:51 | 000,110,032 | -H-- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Users\Theresa\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.06.06 05:55:28 | 000,064,952 | -H-- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.02.22 05:38:52 | 002,009,704 | -H-- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011.01.12 10:50:28 | 000,332,272 | -H-- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)

SRV - [2010.09.13 22:45:56 | 000,219,496 | -H-- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010.09.13 22:45:44 | 000,508,264 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010.03.18 06:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.12.15 12:39:38 | 000,096,896 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009.06.15 19:30:42 | 000,084,536 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2009.06.10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.01.26 14:31:10 | 001,153,368 | -H-- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.09.18 07:39:27 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.09.15 22:55:03 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.09.15 22:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011.03.11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.02.21 03:07:54 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2011.01.26 19:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011.01.13 06:58:30 | 000,413,800 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010.12.13 16:12:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2010.10.14 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.09.23 03:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010.09.21 20:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)

DRV:64bit: - [2010.09.13 22:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010.09.13 22:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010.09.13 22:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010.09.13 22:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010.09.13 05:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.08.03 13:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)

DRV:64bit: - [2010.03.02 11:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009.07.20 04:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:64bit: - [2009.07.13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009.07.13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009.06.10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV:64bit: - [2009.06.10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 06:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2008.05.23 19:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2010.07.26 15:57:20 | 000,017,024 | -H-- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)

DRV - [2009.07.13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009.07.02 19:36:14 | 000,015,416 | -H-- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9F 08 E8 0A 4F A6 BA 4D B9 6B 5D 43 F0 A6 04 45  [binary data]

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 49434

FF - prefs.js..network.proxy.type: 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.01 20:08:54 | 000,000,000 | -H-D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.12 14:16:06 | 000,000,000 | -H-D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.10.12 14:16:05 | 000,000,000 | -H-D | M]

 

[2011.08.01 12:44:41 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Theresa\AppData\Roaming\mozilla\Extensions

[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Theresa\AppData\Roaming\mozilla\Firefox\Profiles\vo3088lh.default\extensions

[2011.11.01 20:13:42 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Theresa\AppData\Roaming\mozilla\Firefox\Profiles\vo3088lh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011.11.01 20:13:42 | 000,000,000 | -H-D | M] (We-Care Reminder) -- C:\Users\Theresa\AppData\Roaming\mozilla\Firefox\Profiles\vo3088lh.default\extensions\wecarereminder@bryan

[2011.09.22 13:53:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.11.01 20:09:04 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.09.30 23:03:32 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.09.22 13:52:56 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.09.30 23:03:29 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.09.30 23:03:29 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011.09.30 23:03:29 | 000,001,153 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.09.30 23:03:29 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.09.30 23:03:29 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.09.30 23:03:29 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2011.10.11 17:33:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)

O2 - BHO: (Reg Error: Value error.) - {0AE8089F-A64F-4DBA-B96B-5D43F0A60445} - C:\Users\Theresa\AppData\Local\NetworkWin32.dll File not found

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()

O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Users\Theresa\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)

O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

O4 - HKCU..\Run: [Clients Update] rundll32 ",DllRegisterServer File not found

O4 - HKCU..\Run: [Macromedia Update] rundll32 ",DllRegisterServer File not found

O4 - HKCU..\Run: [MouseProfileVerifier] rundll32.exe ",DllRegisterServer File not found

O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)

O4 - Startup: C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D585AA05-9E9D-4165-859A-099645FB6A55}: DhcpNameServer = 192.168.1.1 71.250.0.12

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)

MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

 

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.11.07 16:46:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Theresa\Desktop\OTL(1).exe

[2011.11.07 16:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure

[2011.11.07 16:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCure

[2011.11.07 16:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCure

[2011.11.07 12:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.11.07 12:33:07 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Theresa\Desktop\esetsmartinstaller_enu.exe

[2011.11.07 09:43:11 | 000,000,000 | ---D | C] -- C:\Users\Theresa\Desktop\Malwarebytes' Anti-Malware

[2011.11.07 08:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2011.11.07 08:56:38 | 000,000,000 | ---D | C] -- C:\Users\Theresa\Desktop\7-Zip

[2011.11.06 00:44:31 | 000,000,000 | ---D | C] -- C:\Users\Theresa\Desktop\fb

[2011.11.01 17:22:07 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%USERPROFILE%

[2011.11.01 16:45:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011.10.29 15:00:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011.10.29 15:00:36 | 000,000,000 | -H-D | C] -- C:\Program Files\CCleaner

[2011.10.28 16:46:25 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore

[2011.10.28 15:40:57 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Desktop\usa

[2011.10.20 09:48:36 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Desktop\data

[2011.10.20 09:24:48 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Download Manager

[2011.10.20 08:07:43 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%

[2011.10.20 08:03:31 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe

[2011.10.20 07:42:18 | 000,000,000 | -H-D | C] -- C:\Windows\Sun

[2011.10.14 15:31:04 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\gtk-2.0

[2011.10.14 15:28:19 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\.thumbnails

[2011.10.13 16:29:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011.10.13 16:29:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011.10.13 16:29:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011.10.13 16:29:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011.10.13 16:29:48 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011.10.13 16:29:48 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011.10.13 16:29:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011.10.13 16:29:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011.10.13 16:29:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011.10.13 16:29:46 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011.10.13 16:29:46 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011.10.13 16:29:46 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011.10.13 16:29:46 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011.10.13 16:29:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011.10.13 16:29:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011.10.13 16:29:15 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

[2011.10.13 16:29:15 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll

[2011.10.13 16:29:15 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax

[2011.10.13 16:29:15 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax

[2011.10.13 16:29:15 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax

[2011.10.13 16:29:14 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax

[2011.10.13 16:29:14 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax

[2011.10.13 16:29:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax

[2011.10.13 16:29:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax

[2011.10.13 16:29:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax

[2011.10.13 16:29:08 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll

[2011.10.13 16:29:07 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2011.10.13 15:20:12 | 000,000,000 | -H-D | C] -- C:\ProgramData\.Syncables

[2011.10.13 15:19:28 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Desktop\ping

[2011.10.12 15:49:49 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\Externe Festplatte

[2011.10.12 14:25:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011.10.12 14:24:38 | 000,000,000 | -H-D | C] -- C:\Program Files\iTunes

[2011.10.12 14:24:38 | 000,000,000 | -H-D | C] -- C:\Program Files\iPod

[2011.10.12 14:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files\Bonjour

[2011.10.12 14:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Bonjour

[2011.10.12 14:16:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011.10.12 14:15:52 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\QuickTime

[2011.10.12 07:12:15 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Avira

[2011.10.12 07:12:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2011.10.12 07:11:53 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2011.10.12 07:11:53 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2011.10.12 07:11:53 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys

[2011.10.12 07:11:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Avira

[2011.10.12 07:11:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Avira

[2011.10.11 18:37:32 | 000,643,200 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll

[2011.10.11 18:37:31 | 000,138,752 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l101.dll

[2011.10.11 17:38:37 | 000,000,000 | -H-D | C] -- C:\Windows\temp

[2011.10.11 17:33:10 | 000,000,000 | -H-D | C] -- C:\$RECYCLE.BIN

[2011.10.11 16:45:15 | 000,518,144 | -H-- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011.10.11 16:45:15 | 000,406,528 | -H-- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011.10.11 16:45:15 | 000,060,416 | -H-- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011.10.11 16:45:11 | 000,000,000 | -H-D | C] -- C:\Windows\ERDNT

[2011.10.11 16:45:08 | 000,000,000 | -H-D | C] -- C:\Qoobox

[2011.10.11 16:28:17 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Local\jZip

[2011.10.11 16:27:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip

[2011.10.11 16:27:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\jZip

[2011.10.10 22:05:06 | 000,000,000 | -HSD | C] -- C:\Users\Theresa\AppData\Roaming\C4136249

[2011.10.08 21:01:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\Symantec

[2011.10.08 21:01:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\Norton

[2011.10.08 21:01:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\NortonInstaller

[2011.10.08 21:01:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\NortonInstaller

[1 C:\Users\Theresa\Desktop\*.tmp files -> C:\Users\Theresa\Desktop\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.11.07 16:46:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Theresa\Desktop\OTL(1).exe

[2011.11.07 16:31:09 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job

[2011.11.07 16:31:09 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\RegCure.job

[2011.11.07 16:31:06 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\RegCure.lnk

[2011.11.07 16:25:44 | 001,304,322 | ---- | M] () -- C:\Users\Theresa\Desktop\regsicherung.reg

[2011.11.07 15:59:01 | 000,001,124 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.11.07 14:31:42 | 000,229,763 | ---- | M] () -- C:\Users\Theresa\Documents\Fringe.mp3

[2011.11.07 13:19:36 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.11.07 13:19:36 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.11.07 13:19:36 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.11.07 13:19:36 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.11.07 13:19:36 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.11.07 12:33:09 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Theresa\Desktop\esetsmartinstaller_enu.exe

[2011.11.07 12:26:10 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.11.07 12:26:10 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.11.07 12:19:14 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2011.11.07 12:19:07 | 000,001,120 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.11.07 12:17:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.11.07 12:17:10 | 3151,839,232 | -HS- | M] () -- C:\hiberfil.sys

[2011.11.07 09:43:16 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.11.07 08:31:05 | 000,000,000 | ---- | M] () -- C:\Users\Theresa\defogger_reenable

[2011.11.02 10:13:20 | 000,203,577 | -H-- | M] () -- C:\Users\Theresa\Desktop\IMG_02112011_151244.png

[2011.11.01 18:01:15 | 000,002,454 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2011.11.01 17:13:48 | 000,000,085 | -H-- | M] () -- C:\Windows\wininit.ini

[2011.11.01 16:45:42 | 000,001,256 | -H-- | M] () -- C:\Users\Theresa\Desktop\Spybot - Search & Destroy.lnk

[2011.10.29 16:46:15 | 000,043,198 | -H-- | M] () -- C:\Users\Theresa\Desktop\samstag 16.juli.jpg

[2011.10.29 16:45:55 | 000,020,869 | -H-- | M] () -- C:\Users\Theresa\Desktop\a.jpg

[2011.10.29 14:51:59 | 000,059,776 | -H-- | M] () -- C:\Users\Theresa\Desktop\You will not need a program called System Recovery if there.odt

[2011.10.29 09:12:25 | 000,000,192 | -H-- | M] () -- C:\ProgramData\~9lVK7dmpdonxRW

[2011.10.29 09:12:25 | 000,000,088 | -H-- | M] () -- C:\ProgramData\~9lVK7dmpdonxRWr

[2011.10.29 09:12:14 | 000,000,336 | -H-- | M] () -- C:\ProgramData\9lVK7dmpdonxRW

[2011.10.28 23:33:51 | 000,000,224 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjk

[2011.10.28 23:33:50 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr

[2011.10.28 23:33:36 | 000,000,336 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk

[2011.10.28 16:49:33 | 000,000,440 | -H-- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP

[2011.10.28 16:46:44 | 000,000,224 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP

[2011.10.28 16:46:44 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr

[2011.10.28 16:46:25 | 000,000,659 | -H-- | M] () -- C:\Users\Theresa\Desktop\System Restore.lnk

[2011.10.20 09:45:49 | 000,364,927 | -H-- | M] () -- C:\Users\Theresa\Documents\WinFlash_WIN7_32_WIN7_64_z2310.zip

[2011.10.14 15:31:04 | 000,001,470 | -H-- | M] () -- C:\Users\Theresa\.recently-used.xbel

[2011.10.14 11:14:43 | 000,293,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.10.11 17:33:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2011.10.08 20:56:04 | 000,001,259 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[1 C:\Users\Theresa\Desktop\*.tmp files -> C:\Users\Theresa\Desktop\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.11.07 16:31:09 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job

[2011.11.07 16:31:08 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\RegCure.job

[2011.11.07 16:31:06 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\RegCure.lnk

[2011.11.07 16:25:43 | 001,304,322 | ---- | C] () -- C:\Users\Theresa\Desktop\regsicherung.reg

[2011.11.07 14:31:24 | 000,229,763 | ---- | C] () -- C:\Users\Theresa\Documents\Fringe.mp3

[2011.11.07 09:43:16 | 000,000,799 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.11.07 08:31:05 | 000,000,000 | ---- | C] () -- C:\Users\Theresa\defogger_reenable

[2011.11.02 10:12:59 | 000,203,577 | -H-- | C] () -- C:\Users\Theresa\Desktop\IMG_02112011_151244.png

[2011.11.01 17:13:48 | 000,000,085 | -H-- | C] () -- C:\Windows\wininit.ini

[2011.11.01 16:45:42 | 000,001,256 | -H-- | C] () -- C:\Users\Theresa\Desktop\Spybot - Search & Destroy.lnk

[2011.10.29 16:46:02 | 000,043,198 | -H-- | C] () -- C:\Users\Theresa\Desktop\samstag 16.juli.jpg

[2011.10.29 16:45:33 | 000,020,869 | -H-- | C] () -- C:\Users\Theresa\Desktop\a.jpg

[2011.10.29 14:51:56 | 000,059,776 | -H-- | C] () -- C:\Users\Theresa\Desktop\You will not need a program called System Recovery if there.odt

[2011.10.29 09:12:25 | 000,000,088 | -H-- | C] () -- C:\ProgramData\~9lVK7dmpdonxRWr

[2011.10.29 09:12:24 | 000,000,192 | -H-- | C] () -- C:\ProgramData\~9lVK7dmpdonxRW

[2011.10.29 09:12:14 | 000,000,336 | -H-- | C] () -- C:\ProgramData\9lVK7dmpdonxRW

[2011.10.28 23:33:50 | 000,000,224 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjk

[2011.10.28 23:33:50 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr

[2011.10.28 23:33:36 | 000,000,336 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk

[2011.10.28 16:46:44 | 000,000,224 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP

[2011.10.28 16:46:44 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr

[2011.10.28 16:46:25 | 000,000,659 | -H-- | C] () -- C:\Users\Theresa\Desktop\System Restore.lnk

[2011.10.28 16:46:22 | 000,000,440 | -H-- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP

[2011.10.20 09:45:53 | 000,055,936 | -H-- | C] () -- C:\Users\Theresa\Desktop\Setup.exe

[2011.10.20 09:25:00 | 000,364,927 | -H-- | C] () -- C:\Users\Theresa\Documents\WinFlash_WIN7_32_WIN7_64_z2310.zip

[2011.10.14 15:31:04 | 000,001,470 | -H-- | C] () -- C:\Users\Theresa\.recently-used.xbel

[2011.10.11 16:45:15 | 000,256,000 | -H-- | C] () -- C:\Windows\PEV.exe

[2011.10.11 16:45:15 | 000,208,896 | -H-- | C] () -- C:\Windows\MBR.exe

[2011.10.11 16:45:15 | 000,098,816 | -H-- | C] () -- C:\Windows\sed.exe

[2011.10.11 16:45:15 | 000,080,412 | -H-- | C] () -- C:\Windows\grep.exe

[2011.10.11 16:45:15 | 000,068,096 | -H-- | C] () -- C:\Windows\zip.exe

[2011.08.05 11:40:12 | 000,000,428 | -H-- | C] () -- C:\Windows\MAXLINK.INI

[2011.08.01 14:24:55 | 001,557,708 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.04.08 01:40:56 | 000,960,940 | -H-- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.04.08 01:40:54 | 000,213,332 | -H-- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.04.08 01:40:53 | 000,145,804 | -H-- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2009.10.25 22:38:22 | 000,000,176 | -H-- | C] () -- C:\Windows\explorer.exe.config

[2009.07.29 00:20:40 | 000,000,010 | -H-- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009.07.14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.13 21:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.13 21:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 
 ========== LOP Check ==========

 

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Asus WebStorage

[2011.10.10 22:20:10 | 000,000,000 | -HSD | M] -- C:\Users\Theresa\AppData\Roaming\C4136249

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Canon

[2011.09.06 20:24:40 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DVDVideoSoft

[2011.08.06 11:44:07 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\gtk-2.0

[2011.08.01 12:26:26 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Nuance

[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\OpenOffice.org

[2011.08.05 11:32:30 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\ScanSoft

[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\SoftGrid Client

[2011.10.04 22:16:03 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\TIPP10

[2011.08.01 14:25:38 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\TP

[2011.11.01 20:10:14 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Zeon

[2011.11.07 16:31:09 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job

[2011.11.07 16:31:09 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\RegCure.job

[2011.10.24 18:44:12 | 000,032,614 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.11.01 20:10:09 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Adobe

[2011.08.16 12:07:23 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Apple Computer

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Asus WebStorage

[2011.10.12 07:12:15 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Avira

[2011.10.10 22:20:10 | 000,000,000 | -HSD | M] -- C:\Users\Theresa\AppData\Roaming\C4136249

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Canon

[2011.10.08 21:30:27 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DivX

[2011.10.20 09:45:49 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Download Manager

[2011.09.06 20:24:40 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DVDVideoSoft

[2011.08.06 11:44:07 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.11.01 20:10:11 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\FLEXnet

[2011.11.01 20:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\gtk-2.0

[2011.08.01 12:05:48 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Identities

[2011.08.01 12:10:19 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Macromedia

[2011.09.25 18:17:24 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Malwarebytes

[2009.07.14 02:44:38 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Media Center Programs

[2011.11.01 20:13:41 | 000,000,000 | --SD | M] -- C:\Users\Theresa\AppData\Roaming\Microsoft

[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Mozilla

[2011.08.01 12:26:26 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Nuance

[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\OpenOffice.org

[2011.08.05 11:32:30 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\ScanSoft

[2011.11.07 16:48:49 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Skype

[2011.11.01 20:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\SoftGrid Client

[2011.10.04 22:16:03 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\TIPP10

[2011.08.01 14:25:38 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\TP

[2011.11.01 20:10:14 | 000,000,000 | -H-D | M] -- C:\Users\Theresa\AppData\Roaming\Zeon

 
 < %APPDATA%\*.exe /s >

 
 < %SYSTEMDRIVE%\*.exe >

 

 
 < MD5 for: AGP440.SYS  >

[2009.07.13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.13 20:52:21 | 000,061,008 | -H-- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009.07.13 20:52:21 | 000,061,008 | -H-- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009.07.13 20:52:21 | 000,061,008 | -H-- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.13 20:52:21 | 000,024,128 | -H-- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys

[2009.07.13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.13 20:52:21 | 000,024,128 | -H-- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009.07.13 20:52:21 | 000,024,128 | -H-- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009.07.13 20:52:21 | 000,024,128 | -H-- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.13 20:15:06 | 000,012,288 | -H-- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll

[2009.07.13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.13 20:40:20 | 000,018,944 | -H-- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll

[2009.07.13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTOR.SYS  >

[2010.09.13 05:24:26 | 000,437,272 | -H-- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\eSupport\eDriver\Software\Other\Intel\IRST\iaStor.sys

[2010.09.13 05:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\drivers\iaStor.sys

[2010.09.13 05:24:26 | 000,437,272 | -H-- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_2b0c50dc63f09dae\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010.11.20 08:33:38 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.01.12 11:20:46 | 000,410,504 | -H-- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys

[2011.03.11 01:19:16 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 01:41:26 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

[2011.03.11 01:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 01:23:00 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys

[2011.03.11 01:23:00 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys

[2011.03.11 01:25:49 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys

[2009.07.13 20:48:04 | 000,410,688 | -H-- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys

[2009.07.13 20:48:04 | 000,410,688 | -H-- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

[2011.01.12 11:20:46 | 000,410,496 | -H-- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.07.13 20:41:52 | 000,692,736 | -H-- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll

[2009.07.13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll

[2009.07.13 20:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010.11.20 08:27:22 | 000,695,808 | -H-- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.20 07:20:28 | 000,563,712 | -H-- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009.07.13 20:16:02 | 000,563,712 | -H-- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll

[2009.07.13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009.07.13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.01.12 11:20:46 | 000,166,280 | -H-- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys

[2009.07.13 20:45:45 | 000,167,488 | -H-- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys

[2009.07.13 20:45:45 | 000,167,488 | -H-- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2011.03.11 01:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 01:23:06 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys

[2011.03.11 01:23:06 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys

[2011.03.11 01:25:53 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys

[2011.01.12 11:20:46 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys

[2011.03.11 01:19:21 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 01:41:34 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.20 08:33:48 | 000,166,272 | -H-- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009.07.13 20:16:13 | 000,175,616 | -H-- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll

[2009.07.13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009.07.13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009.07.13 20:41:53 | 000,232,448 | -H-- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll

[2009.07.13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll

[2009.07.13 20:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010.11.20 07:21:04 | 000,175,616 | -H-- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.20 08:27:25 | 000,232,960 | -H-- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 07:08:57 | 000,833,024 | -H-- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2009.07.13 20:41:56 | 001,008,640 | -H-- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\ERDNT\cache64\user32.dll

[2009.07.13 20:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll

[2009.07.13 20:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[2009.07.13 20:11:24 | 000,833,024 | -H-- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\ERDNT\cache86\user32.dll

[2009.07.13 20:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

[2009.07.13 20:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

[2010.11.20 08:27:27 | 001,008,128 | -H-- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 07:17:48 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009.07.13 20:14:43 | 000,026,112 | -H-- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe

[2009.07.13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009.07.13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009.07.13 20:39:48 | 000,030,208 | -H-- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe

[2009.07.13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe

[2009.07.13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010.11.20 08:25:24 | 000,030,720 | -H-- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.13 20:39:52 | 000,129,024 | -H-- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\ERDNT\cache64\wininit.exe

[2009.07.13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009.07.13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.13 20:14:45 | 000,096,256 | -H-- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache86\wininit.exe

[2009.07.13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.20 08:25:30 | 000,390,656 | -H-- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009.07.13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2011.01.12 09:51:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2011.01.12 09:51:11 | 000,389,632 | -H-- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe

[2011.01.12 09:51:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe

[2011.01.12 09:51:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2009.07.13 20:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\atl.dll

[2009.07.13 20:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll

[2009.07.13 20:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll

[2011.08.19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

[2011.08.19 23:35:00 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

 
 <           >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
 

< End of report >

--- --- ---

Ich hab grad beim rumstöbern hier im Forum entdeckt, dass sie hier:

http://www.trojaner-board.de/104051-...ermeldung.html

genau das Problem beschreibt, was ich auch habe. Überall heißt es ja immer man sollte aber bloß nicht einfach die Schritte befolgen, die jemand anderem empfohlen werden, weil jedes Problem individuell ist. Deshalb dachte ich, ich frag einfach mal nach, denkst du ich sollte es mal mit Combofix usw. probieren? :)

Zitat:

Deshalb dachte ich, ich frag einfach mal nach, denkst du ich sollte es mal mit Combofix usw. probieren?

Witzig, du hast ja schonmal CF ausgeführt!

=> [2011.10.11 16:45:08 | 000,000,000 | -H-D | C] -- C:\Qoobox

Das Log dazu bitte nachreichen!!

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9F 08 E8 0A 4F A6 BA 4D B9 6B 5D 43 F0 A6 04 45  [binary data]

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 49434

FF - prefs.js..network.proxy.type: 0

[2011.10.28 16:46:25 | 000,000,000 | -H-D | C] -- C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore

[2011.10.10 22:05:06 | 000,000,000 | -HSD | C] -- C:\Users\Theresa\AppData\Roaming\C4136249

[2011.11.07 12:19:14 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2011.10.28 16:46:25 | 000,000,659 | -H-- | M] () -- C:\Users\Theresa\Desktop\System Restore.lnk

@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

:Files

C:\WINDOWS\svchost.exe

C:\ProgramData\~9

C:\ProgramData\~6

C:\ProgramData\~1

C:\ProgramData\9

C:\ProgramData\6

C:\ProgramData\1

:Commands

[emptytemp]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Ja stimmt ich hab schon mal combofix laufen lassen, aber das war vor einem monat, da hatte ich einen anderen virus drauf und damit ist er dann verschwunden :) aber ich weiß nicht wo ich die logdatei finden soll, weil ich keinen zugriff auf meine ordner und programme habe, die sind alle weg oder eben versteckt. Ich hab eben mal combofix gestartet um zu gucken ob man dort die logdateien abrufen kann, aber der hat dann nur direkt einen scan gemacht.Sschon mal was sich verändert hat...in meiner startzeile steht jetzt rechts wieder dokumente, bilder, musik, computer, systemsteuerung und hilfe und support, aber meine programme und ordner sind immer noch weg und mein desktophintergrund auch immer noch schwarz und ich kann ihn auch nicht ändern :( aber das system restore und die fehlermeldungen erscheinen nicht mehr beim starten :)
also hier dann die logdatei von OTL

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\XMLHTTP_UUID_Default| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 49434 removed from network.proxy.http_port
Prefs.js: 0 removed from network.proxy.type
Folder C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\ not found.
C:\Users\Theresa\AppData\Roaming\C4136249 folder moved successfully.
C:\Windows\SysNative\acovcnt.exe moved successfully.
C:\Users\Theresa\Desktop\System Restore.lnk moved successfully.
ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully.
========== FILES ==========
C:\WINDOWS\svchost.exe moved successfully.
File\Folder C:\ProgramData\~9 not found.
File\Folder C:\ProgramData\~6 not found.
File\Folder C:\ProgramData\~1 not found.
File\Folder C:\ProgramData\9 not found.
File\Folder C:\ProgramData\6 not found.
File\Folder C:\ProgramData\1 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Theresa
->Temp folder emptied: 2678 bytes
->Temporary Internet Files folder emptied: 47246722 bytes
->Java cache emptied: 380974 bytes
->FireFox cache emptied: 75719685 bytes
->Flash cache emptied: 25818 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 213789475 bytes
->Flash cache emptied: 8488 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13398019 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85029 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 334,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 11082011_201048

Files\Folders moved on Reboot...
C:\Users\Theresa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Ich brauch den Quarantäneordner von Combofix. Bitte folgendes machen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen!
2.) Ordner Quarantine in C:\Qoobox in eine Datei zippen
3.) die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten!

4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten

Hey, ich hab den Quarantäne Ordner hochgeladen. Außerdem hab ich dieses Program ausprobiert hxxp://download.bleepingcomputer.com/grinler/unhide.exe weil ich ganz dringend Dateien von mir benötigte. Ich war richtig überrascht, meine Programme und meine Dateien sind dadurch alle wieder aufgetauscht und auch meinen Desktophintergrund kann ich jetzt wieder ändern. Allerdings ist mein Laptop heute wieder einmal abgestürzt und hat mir einen blue screen angezeigt. Danke noch mal für die Hilfe, ich bin jetzt schon voll begeistert, hatte es eigentlich vorher schon aufgegeben ;)

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

okay,hier ist es...

19:37:27.0836 1304 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
19:37:28.0007 1304 ============================================================
19:37:28.0007 1304 Current date / time: 2011/11/10 19:37:28.0007
19:37:28.0007 1304 SystemInfo:
19:37:28.0007 1304
19:37:28.0007 1304 OS Version: 6.1.7600 ServicePack: 0.0
19:37:28.0007 1304 Product type: Workstation
19:37:28.0007 1304 ComputerName: THERESA-PC
19:37:28.0007 1304 UserName: Theresa
19:37:28.0007 1304 Windows directory: C:\Windows
19:37:28.0007 1304 System windows directory: C:\Windows
19:37:28.0007 1304 Running under WOW64
19:37:28.0007 1304 Processor architecture: Intel x64
19:37:28.0007 1304 Number of processors: 4
19:37:28.0007 1304 Page size: 0x1000
19:37:28.0007 1304 Boot type: Normal boot
19:37:28.0007 1304 ============================================================
19:37:29.0505 1304 Initialize success
19:37:39.0083 4956 ============================================================
19:37:39.0083 4956 Scan started
19:37:39.0083 4956 Mode: Manual; SigCheck; TDLFS;
19:37:39.0083 4956 ============================================================
19:37:41.0726 4956 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
19:37:42.0034 4956 1394ohci - ok
19:37:42.0487 4956 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
19:37:42.0518 4956 ACPI - ok
19:37:42.0956 4956 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
19:37:43.0548 4956 AcpiPmi - ok
19:37:44.0127 4956 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
19:37:44.0158 4956 adp94xx - ok
19:37:44.0283 4956 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
19:37:44.0314 4956 adpahci - ok
19:37:44.0392 4956 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
19:37:44.0407 4956 adpu320 - ok
19:37:44.0532 4956 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
19:37:44.0579 4956 AFD - ok
19:37:44.0626 4956 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
19:37:44.0657 4956 agp440 - ok
19:37:44.0782 4956 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
19:37:44.0813 4956 aliide - ok
19:37:44.0875 4956 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
19:37:44.0907 4956 amdide - ok
19:37:45.0094 4956 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
19:37:45.0187 4956 AmdK8 - ok
19:37:45.0343 4956 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:37:45.0437 4956 AmdPPM - ok
19:37:45.0546 4956 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
19:37:45.0577 4956 amdsata - ok
19:37:45.0624 4956 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
19:37:45.0655 4956 amdsbs - ok
19:37:45.0702 4956 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
19:37:45.0718 4956 amdxata - ok
19:37:45.0765 4956 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
19:37:45.0889 4956 AppID - ok
19:37:45.0967 4956 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
19:37:45.0999 4956 arc - ok
19:37:46.0045 4956 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
19:37:46.0077 4956 arcsas - ok
19:37:46.0186 4956 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:37:46.0295 4956 ASMMAP64 - ok
19:37:46.0326 4956 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:37:46.0404 4956 AsyncMac - ok
19:37:46.0467 4956 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
19:37:46.0498 4956 atapi - ok
19:37:46.0576 4956 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
19:37:46.0716 4956 athr - ok
19:37:46.0857 4956 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
19:37:46.0872 4956 ATKWMIACPIIO - ok
19:37:47.0028 4956 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
19:37:47.0059 4956 avgntflt - ok
19:37:47.0091 4956 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
19:37:47.0122 4956 avipbb - ok
19:37:47.0137 4956 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:37:47.0153 4956 avkmgr - ok
19:37:47.0247 4956 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
19:37:47.0340 4956 b06bdrv - ok
19:37:47.0403 4956 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:37:47.0481 4956 b57nd60a - ok
19:37:47.0543 4956 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:37:47.0621 4956 Beep - ok
19:37:47.0699 4956 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:37:47.0777 4956 blbdrive - ok
19:37:47.0886 4956 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
19:37:47.0995 4956 bowser - ok
19:37:48.0089 4956 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:37:48.0136 4956 BrFiltLo - ok
19:37:48.0151 4956 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:37:48.0167 4956 BrFiltUp - ok
19:37:48.0198 4956 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:37:48.0245 4956 Brserid - ok
19:37:48.0276 4956 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:37:48.0323 4956 BrSerWdm - ok
19:37:48.0323 4956 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:37:48.0370 4956 BrUsbMdm - ok
19:37:48.0370 4956 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:37:48.0401 4956 BrUsbSer - ok
19:37:48.0479 4956 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:37:48.0573 4956 BthEnum - ok
19:37:48.0604 4956 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:37:48.0682 4956 BTHMODEM - ok
19:37:48.0713 4956 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:37:48.0775 4956 BthPan - ok
19:37:48.0853 4956 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
19:37:48.0947 4956 BTHPORT - ok
19:37:49.0009 4956 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
19:37:49.0041 4956 BTHUSB - ok
19:37:49.0212 4956 catchme - ok
19:37:49.0275 4956 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:37:49.0384 4956 cdfs - ok
19:37:49.0431 4956 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
19:37:49.0493 4956 cdrom - ok
19:37:49.0540 4956 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
19:37:49.0602 4956 circlass - ok
19:37:49.0649 4956 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:37:49.0665 4956 CLFS - ok
19:37:49.0789 4956 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:37:49.0836 4956 CmBatt - ok
19:37:49.0852 4956 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
19:37:49.0867 4956 cmdide - ok
19:37:49.0899 4956 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
19:37:49.0992 4956 CNG - ok
19:37:50.0039 4956 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:37:50.0070 4956 Compbatt - ok
19:37:50.0117 4956 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:37:50.0179 4956 CompositeBus - ok
19:37:50.0211 4956 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
19:37:50.0242 4956 crcdisk - ok
19:37:50.0335 4956 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
19:37:50.0382 4956 DfsC - ok
19:37:50.0429 4956 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:37:50.0523 4956 discache - ok
19:37:50.0616 4956 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
19:37:50.0647 4956 Disk - ok
19:37:50.0710 4956 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:37:50.0757 4956 drmkaud - ok
19:37:50.0819 4956 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
19:37:50.0897 4956 DXGKrnl - ok
19:37:50.0991 4956 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
19:37:51.0162 4956 ebdrv - ok
19:37:51.0256 4956 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
19:37:51.0303 4956 elxstor - ok
19:37:51.0303 4956 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
19:37:51.0349 4956 ErrDev - ok
19:37:51.0396 4956 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys
19:37:51.0427 4956 ETD - ok
19:37:51.0459 4956 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:37:51.0537 4956 exfat - ok
19:37:51.0568 4956 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:37:51.0630 4956 fastfat - ok
19:37:51.0661 4956 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
19:37:51.0708 4956 fdc - ok
19:37:51.0755 4956 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:37:51.0771 4956 FileInfo - ok
19:37:51.0802 4956 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:37:51.0880 4956 Filetrace - ok
19:37:51.0911 4956 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
19:37:51.0942 4956 flpydisk - ok
19:37:51.0973 4956 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
19:37:52.0005 4956 FltMgr - ok
19:37:52.0020 4956 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:37:52.0036 4956 FsDepends - ok
19:37:52.0098 4956 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
19:37:52.0114 4956 fssfltr - ok
19:37:52.0176 4956 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:37:52.0207 4956 Fs_Rec - ok
19:37:52.0254 4956 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:37:52.0270 4956 fvevol - ok
19:37:52.0317 4956 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:37:52.0348 4956 gagp30kx - ok
19:37:52.0395 4956 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:37:52.0426 4956 GEARAspiWDM - ok
19:37:52.0519 4956 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:37:52.0566 4956 hcw85cir - ok
19:37:52.0582 4956 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
19:37:52.0675 4956 HdAudAddService - ok
19:37:52.0785 4956 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:37:52.0847 4956 HDAudBus - ok
19:37:52.0863 4956 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
19:37:52.0925 4956 HidBatt - ok
19:37:52.0956 4956 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
19:37:53.0003 4956 HidBth - ok
19:37:53.0019 4956 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
19:37:53.0065 4956 HidIr - ok
19:37:53.0081 4956 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
19:37:53.0112 4956 HidUsb - ok
19:37:53.0143 4956 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
19:37:53.0175 4956 HpSAMD - ok
19:37:53.0237 4956 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
19:37:53.0331 4956 HTTP - ok
19:37:53.0362 4956 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
19:37:53.0362 4956 hwpolicy - ok
19:37:53.0393 4956 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:37:53.0409 4956 i8042prt - ok
19:37:53.0471 4956 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
19:37:53.0487 4956 iaStor - ok
19:37:53.0549 4956 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
19:37:53.0611 4956 iaStorV - ok
19:37:53.0861 4956 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:37:54.0298 4956 igfx - ok
19:37:54.0423 4956 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
19:37:54.0454 4956 iirsp - ok
19:37:54.0625 4956 IntcAzAudAddService (3e3926f4fa7c9162c5c3ec6bf1e4f349) C:\Windows\system32\drivers\RTKVHD64.sys
19:37:54.0766 4956 IntcAzAudAddService - ok
19:37:54.0891 4956 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:37:54.0953 4956 IntcDAud - ok
19:37:55.0031 4956 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
19:37:55.0047 4956 intelide - ok
19:37:55.0093 4956 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:37:55.0125 4956 intelppm - ok
19:37:55.0140 4956 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:37:55.0203 4956 IpFilterDriver - ok
19:37:55.0234 4956 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:37:55.0265 4956 IPMIDRV - ok
19:37:55.0327 4956 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:37:55.0390 4956 IPNAT - ok
19:37:55.0437 4956 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:37:55.0483 4956 IRENUM - ok
19:37:55.0515 4956 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
19:37:55.0530 4956 isapnp - ok
19:37:55.0561 4956 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
19:37:55.0593 4956 iScsiPrt - ok
19:37:55.0639 4956 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:37:55.0671 4956 kbdclass - ok
19:37:55.0733 4956 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
19:37:55.0795 4956 kbdhid - ok
19:37:55.0842 4956 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
19:37:55.0873 4956 kbfiltr - ok
19:37:55.0905 4956 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
19:37:55.0936 4956 KSecDD - ok
19:37:55.0967 4956 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
19:37:55.0983 4956 KSecPkg - ok
19:37:56.0029 4956 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:37:56.0123 4956 ksthunk - ok
19:37:56.0435 4956 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:37:56.0544 4956 lltdio - ok
19:37:56.0591 4956 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:37:56.0622 4956 LSI_FC - ok
19:37:56.0638 4956 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:37:56.0653 4956 LSI_SAS - ok
19:37:56.0716 4956 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:37:56.0747 4956 LSI_SAS2 - ok
19:37:56.0763 4956 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:37:56.0778 4956 LSI_SCSI - ok
19:37:56.0809 4956 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:37:56.0872 4956 luafv - ok
19:37:56.0950 4956 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
19:37:56.0981 4956 MBAMProtector - ok
19:37:57.0028 4956 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:37:57.0059 4956 megasas - ok
19:37:57.0075 4956 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:37:57.0106 4956 MegaSR - ok
19:37:57.0168 4956 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys
19:37:57.0184 4956 MEIx64 - ok
19:37:57.0199 4956 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:37:57.0293 4956 Modem - ok
19:37:57.0340 4956 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:37:57.0387 4956 monitor - ok
19:37:57.0449 4956 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:37:57.0480 4956 mouclass - ok
19:37:57.0496 4956 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:37:57.0543 4956 mouhid - ok
19:37:57.0621 4956 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
19:37:57.0652 4956 mountmgr - ok
19:37:57.0667 4956 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
19:37:57.0683 4956 mpio - ok
19:37:57.0730 4956 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:37:57.0855 4956 mpsdrv - ok
19:37:57.0870 4956 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
19:37:57.0917 4956 MRxDAV - ok
19:37:57.0964 4956 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:37:58.0011 4956 mrxsmb - ok
19:37:58.0057 4956 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:37:58.0120 4956 mrxsmb10 - ok
19:37:58.0151 4956 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:37:58.0167 4956 mrxsmb20 - ok
19:37:58.0198 4956 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
19:37:58.0213 4956 msahci - ok
19:37:58.0245 4956 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
19:37:58.0260 4956 msdsm - ok
19:37:58.0323 4956 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:37:58.0416 4956 Msfs - ok
19:37:58.0463 4956 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:37:58.0557 4956 mshidkmdf - ok
19:37:58.0572 4956 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
19:37:58.0588 4956 msisadrv - ok
19:37:58.0635 4956 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:37:58.0697 4956 MSKSSRV - ok
19:37:58.0713 4956 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:37:58.0775 4956 MSPCLOCK - ok
19:37:58.0775 4956 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:37:58.0837 4956 MSPQM - ok
19:37:58.0869 4956 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
19:37:58.0884 4956 MsRPC - ok
19:37:58.0915 4956 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:37:58.0915 4956 mssmbios - ok
19:37:58.0931 4956 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:37:58.0962 4956 MSTEE - ok
19:37:58.0978 4956 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:37:59.0009 4956 MTConfig - ok
19:37:59.0040 4956 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:37:59.0056 4956 Mup - ok
19:37:59.0103 4956 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:37:59.0196 4956 NativeWifiP - ok
19:37:59.0274 4956 NDIS (a3151b3463eea7e47f618f115d0d142e) C:\Windows\system32\drivers\ndis.sys
19:37:59.0337 4956 NDIS - ok
19:37:59.0383 4956 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:37:59.0446 4956 NdisCap - ok
19:37:59.0493 4956 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:37:59.0586 4956 NdisTapi - ok
19:37:59.0633 4956 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
19:37:59.0695 4956 Ndisuio - ok
19:37:59.0727 4956 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:37:59.0789 4956 NdisWan - ok
19:37:59.0820 4956 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
19:37:59.0867 4956 NDProxy - ok
19:37:59.0914 4956 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:37:59.0961 4956 NetBIOS - ok
19:37:59.0992 4956 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
19:38:00.0054 4956 NetBT - ok
19:38:00.0117 4956 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:38:00.0132 4956 nfrd960 - ok
19:38:00.0180 4956 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:38:00.0236 4956 Npfs - ok
19:38:00.0267 4956 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:38:00.0325 4956 nsiproxy - ok
19:38:00.0415 4956 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
19:38:00.0586 4956 Ntfs - ok
19:38:00.0609 4956 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:38:00.0680 4956 Null - ok
19:38:01.0015 4956 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:38:01.0501 4956 nvlddmkm - ok
19:38:01.0611 4956 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
19:38:01.0642 4956 nvpciflt - ok
19:38:01.0720 4956 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
19:38:01.0751 4956 nvraid - ok
19:38:01.0798 4956 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
19:38:01.0829 4956 nvstor - ok
19:38:01.0891 4956 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
19:38:01.0938 4956 nv_agp - ok
19:38:01.0938 4956 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
19:38:02.0001 4956 ohci1394 - ok
19:38:02.0063 4956 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:38:02.0110 4956 Parport - ok
19:38:02.0141 4956 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
19:38:02.0157 4956 partmgr - ok
19:38:02.0188 4956 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
19:38:02.0203 4956 pci - ok
19:38:02.0266 4956 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:38:02.0297 4956 pciide - ok
19:38:02.0328 4956 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:38:02.0344 4956 pcmcia - ok
19:38:02.0375 4956 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:38:02.0391 4956 pcw - ok
19:38:02.0422 4956 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:38:02.0515 4956 PEAUTH - ok
19:38:02.0671 4956 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
19:38:02.0812 4956 PptpMiniport - ok
19:38:02.0890 4956 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:38:02.0921 4956 Processor - ok
19:38:02.0952 4956 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
19:38:02.0999 4956 Psched - ok
19:38:03.0077 4956 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:38:03.0186 4956 ql2300 - ok
19:38:03.0202 4956 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:38:03.0217 4956 ql40xx - ok
19:38:03.0249 4956 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:38:03.0311 4956 QWAVEdrv - ok
19:38:03.0327 4956 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:38:03.0389 4956 RasAcd - ok
19:38:03.0451 4956 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:38:03.0514 4956 RasAgileVpn - ok
19:38:03.0576 4956 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:38:03.0639 4956 Rasl2tp - ok
19:38:03.0685 4956 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:38:03.0810 4956 RasPppoe - ok
19:38:03.0857 4956 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:38:03.0966 4956 RasSstp - ok
19:38:03.0997 4956 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
19:38:04.0044 4956 rdbss - ok
19:38:04.0075 4956 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:38:04.0107 4956 rdpbus - ok
19:38:04.0153 4956 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:38:04.0231 4956 RDPCDD - ok
19:38:04.0263 4956 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:38:04.0341 4956 RDPENCDD - ok
19:38:04.0372 4956 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:38:04.0450 4956 RDPREFMP - ok
19:38:04.0481 4956 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
19:38:04.0543 4956 RDPWD - ok
19:38:04.0606 4956 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
19:38:04.0637 4956 rdyboost - ok
19:38:04.0684 4956 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:38:04.0777 4956 RFCOMM - ok
19:38:04.0824 4956 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:38:04.0933 4956 rspndr - ok
19:38:04.0965 4956 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
19:38:04.0996 4956 RSUSBVSTOR - ok
19:38:05.0058 4956 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:38:05.0105 4956 RTL8167 - ok
19:38:05.0136 4956 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
19:38:05.0167 4956 sbp2port - ok
19:38:05.0230 4956 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
19:38:05.0323 4956 scfilter - ok
19:38:05.0370 4956 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:38:05.0417 4956 secdrv - ok
19:38:05.0464 4956 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:38:05.0526 4956 Serenum - ok
19:38:05.0526 4956 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:38:05.0557 4956 Serial - ok
19:38:05.0589 4956 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:38:05.0620 4956 sermouse - ok
19:38:05.0635 4956 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:38:05.0698 4956 sffdisk - ok
19:38:05.0713 4956 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:38:05.0745 4956 sffp_mmc - ok
19:38:05.0760 4956 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:38:05.0791 4956 sffp_sd - ok
19:38:05.0791 4956 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:38:05.0823 4956 sfloppy - ok
19:38:05.0901 4956 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:38:05.0963 4956 Sftfs - ok
19:38:06.0010 4956 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:38:06.0057 4956 Sftplay - ok
19:38:06.0088 4956 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:38:06.0103 4956 Sftredir - ok
19:38:06.0150 4956 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:38:06.0166 4956 Sftvol - ok
19:38:06.0244 4956 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
19:38:06.0275 4956 SiSGbeLH - ok
19:38:06.0306 4956 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:38:06.0337 4956 SiSRaid2 - ok
19:38:06.0353 4956 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:38:06.0369 4956 SiSRaid4 - ok
19:38:06.0369 4956 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:38:06.0447 4956 Smb - ok
19:38:06.0525 4956 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:38:06.0540 4956 spldr - ok
19:38:06.0634 4956 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
19:38:06.0727 4956 srv - ok
19:38:06.0774 4956 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
19:38:06.0852 4956 srv2 - ok
19:38:06.0899 4956 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
19:38:06.0961 4956 srvnet - ok
19:38:07.0039 4956 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:38:07.0055 4956 stexstor - ok
19:38:07.0133 4956 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
19:38:07.0195 4956 StillCam - ok
19:38:07.0242 4956 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:38:07.0258 4956 swenum - ok
19:38:07.0383 4956 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
19:38:07.0554 4956 Tcpip - ok
19:38:07.0585 4956 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
19:38:07.0632 4956 TCPIP6 - ok
19:38:07.0741 4956 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
19:38:07.0851 4956 tcpipreg - ok
19:38:07.0929 4956 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:38:08.0007 4956 TDPIPE - ok
19:38:08.0022 4956 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:38:08.0069 4956 TDTCP - ok
19:38:08.0100 4956 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
19:38:08.0163 4956 tdx - ok
19:38:08.0194 4956 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
19:38:08.0225 4956 TermDD - ok
19:38:08.0303 4956 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:38:08.0365 4956 tssecsrv - ok
19:38:08.0428 4956 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
19:38:08.0490 4956 tunnel - ok
19:38:08.0521 4956 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:38:08.0537 4956 uagp35 - ok
19:38:08.0553 4956 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
19:38:08.0615 4956 udfs - ok
19:38:08.0646 4956 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:38:08.0662 4956 uliagpkx - ok
19:38:08.0709 4956 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
19:38:08.0755 4956 umbus - ok
19:38:08.0771 4956 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:38:08.0802 4956 UmPass - ok
19:38:08.0865 4956 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
19:38:08.0927 4956 usbccgp - ok
19:38:08.0958 4956 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
19:38:09.0005 4956 usbcir - ok
19:38:09.0036 4956 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
19:38:09.0099 4956 usbehci - ok
19:38:09.0145 4956 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
19:38:09.0239 4956 usbhub - ok
19:38:09.0270 4956 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
19:38:09.0333 4956 usbohci - ok
19:38:09.0364 4956 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:38:09.0411 4956 usbprint - ok
19:38:09.0442 4956 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:38:09.0473 4956 USBSTOR - ok
19:38:09.0535 4956 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
19:38:09.0567 4956 usbuhci - ok
19:38:09.0645 4956 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
19:38:09.0691 4956 usbvideo - ok
19:38:09.0738 4956 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:38:09.0769 4956 vdrvroot - ok
19:38:09.0832 4956 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:38:09.0847 4956 vga - ok
19:38:09.0894 4956 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:38:10.0019 4956 VgaSave - ok
19:38:10.0035 4956 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
19:38:10.0050 4956 vhdmp - ok
19:38:10.0097 4956 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
19:38:10.0113 4956 viaide - ok
19:38:10.0159 4956 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
19:38:10.0175 4956 volmgr - ok
19:38:10.0222 4956 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
19:38:10.0237 4956 volmgrx - ok
19:38:10.0284 4956 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
19:38:10.0331 4956 volsnap - ok
19:38:10.0409 4956 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:38:10.0440 4956 vsmraid - ok
19:38:10.0471 4956 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:38:10.0534 4956 vwifibus - ok
19:38:10.0581 4956 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:38:10.0627 4956 vwififlt - ok
19:38:10.0705 4956 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:38:10.0752 4956 WacomPen - ok
19:38:10.0799 4956 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:38:10.0861 4956 WANARP - ok
19:38:10.0893 4956 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
19:38:10.0939 4956 Wanarpv6 - ok
19:38:11.0033 4956 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:38:11.0049 4956 Wd - ok
19:38:11.0173 4956 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:38:11.0236 4956 Wdf01000 - ok
19:38:11.0298 4956 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:38:11.0329 4956 WfpLwf - ok
19:38:11.0454 4956 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
19:38:11.0485 4956 WimFltr - ok
19:38:11.0501 4956 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:38:11.0517 4956 WIMMount - ok
19:38:11.0579 4956 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:38:11.0626 4956 WmiAcpi - ok
19:38:11.0673 4956 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:38:11.0719 4956 ws2ifsl - ok
19:38:11.0766 4956 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
19:38:11.0891 4956 WudfPf - ok
19:38:11.0922 4956 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:38:11.0985 4956 WUDFRd - ok
19:38:12.0031 4956 MBR (0x1B8) (950dcd2e3db597e6b62b2b7124557fec) \Device\Harddisk0\DR0
19:38:12.0031 4956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
19:38:12.0031 4956 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
19:38:12.0125 4956 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:38:12.0125 4956 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:38:12.0156 4956 Boot (0x1200) (36f051b353f0e2e5b500817ef97c9750) \Device\Harddisk0\DR0\Partition0
19:38:12.0156 4956 \Device\Harddisk0\DR0\Partition0 - ok
19:38:12.0172 4956 Boot (0x1200) (8558885ac146a853f9aa57c214e29368) \Device\Harddisk0\DR0\Partition1
19:38:12.0172 4956 \Device\Harddisk0\DR0\Partition1 - ok
19:38:12.0172 4956 ============================================================
19:38:12.0172 4956 Scan finished
19:38:12.0172 4956 ============================================================
19:38:12.0203 5008 Detected object count: 2
19:38:12.0203 5008 Actual detected object count: 2
19:44:44.0298 5008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
19:44:44.0313 5008 \Device\Harddisk0\DR0 - ok
19:44:44.0313 5008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
19:44:44.0313 5008 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:44:44.0313 5008 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Zitat:

19:44:44.0298 5008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
19:44:44.0313 5008 \Device\Harddisk0\DR0 - ok
19:44:44.0313 5008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
19:44:44.0313 5008 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:44:44.0313 5008 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Bitte die Anleitungen richtig lesen!
Du solltest erstmal nur das Log erstellen aber noch nichts entfernen!
Der Hinweis dazu war extra fett und in blauer Schrift angebracht!

In deinem Fall müssen aber beide Einträge weg, Rootkit.Boot.Pihar.b sowie TDSS File System.
Beides mit dem TDSS-Killer entfernen. Windows neustarten und ein neues Log mit dem TDSS-Killer machen.

oh..hatte ganz vergessen das log zu posten ;) sorry wegen dem löschen, dachte bei beiden würde skip stehen und bin dann direkt auf continue und hab dann erst gesehen, dass eins gelöscht wurde...

20:59:36.0435 4248 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
20:59:36.0575 4248 ============================================================
20:59:36.0575 4248 Current date / time: 2011/11/12 20:59:36.0575
20:59:36.0575 4248 SystemInfo:
20:59:36.0575 4248
20:59:36.0575 4248 OS Version: 6.1.7600 ServicePack: 0.0
20:59:36.0575 4248 Product type: Workstation
20:59:36.0575 4248 ComputerName: THERESA-PC
20:59:36.0575 4248 UserName: Theresa
20:59:36.0575 4248 Windows directory: C:\Windows
20:59:36.0575 4248 System windows directory: C:\Windows
20:59:36.0575 4248 Running under WOW64
20:59:36.0575 4248 Processor architecture: Intel x64
20:59:36.0575 4248 Number of processors: 4
20:59:36.0575 4248 Page size: 0x1000
20:59:36.0575 4248 Boot type: Normal boot
20:59:36.0575 4248 ============================================================
20:59:37.0090 4248 Initialize success
21:00:23.0547 2784 ============================================================
21:00:23.0547 2784 Scan started
21:00:23.0547 2784 Mode: Manual; SigCheck; TDLFS;
21:00:23.0547 2784 ============================================================
21:00:25.0217 2784 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
21:00:25.0388 2784 1394ohci - ok
21:00:25.0497 2784 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
21:00:25.0544 2784 ACPI - ok
21:00:25.0575 2784 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
21:00:25.0669 2784 AcpiPmi - ok
21:00:25.0809 2784 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:00:25.0841 2784 adp94xx - ok
21:00:25.0887 2784 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:00:25.0903 2784 adpahci - ok
21:00:25.0934 2784 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:00:25.0950 2784 adpu320 - ok
21:00:26.0043 2784 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
21:00:26.0137 2784 AFD - ok
21:00:26.0199 2784 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
21:00:26.0231 2784 agp440 - ok
21:00:26.0262 2784 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
21:00:26.0277 2784 aliide - ok
21:00:26.0309 2784 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
21:00:26.0324 2784 amdide - ok
21:00:26.0340 2784 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:00:26.0371 2784 AmdK8 - ok
21:00:26.0387 2784 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:00:26.0465 2784 AmdPPM - ok
21:00:26.0511 2784 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
21:00:26.0527 2784 amdsata - ok
21:00:26.0558 2784 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:00:26.0574 2784 amdsbs - ok
21:00:26.0605 2784 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
21:00:26.0621 2784 amdxata - ok
21:00:26.0745 2784 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
21:00:26.0886 2784 AppID - ok
21:00:26.0964 2784 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:00:26.0979 2784 arc - ok
21:00:27.0011 2784 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:00:27.0042 2784 arcsas - ok
21:00:27.0182 2784 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:00:27.0291 2784 ASMMAP64 - ok
21:00:27.0307 2784 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:00:27.0510 2784 AsyncMac - ok
21:00:27.0541 2784 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
21:00:27.0557 2784 atapi - ok
21:00:27.0619 2784 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
21:00:27.0697 2784 athr - ok
21:00:27.0853 2784 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:00:27.0869 2784 ATKWMIACPIIO - ok
21:00:28.0009 2784 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
21:00:28.0025 2784 avgntflt - ok
21:00:28.0056 2784 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
21:00:28.0087 2784 avipbb - ok
21:00:28.0087 2784 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:00:28.0103 2784 avkmgr - ok
21:00:28.0165 2784 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:00:28.0259 2784 b06bdrv - ok
21:00:28.0305 2784 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:00:28.0368 2784 b57nd60a - ok
21:00:28.0415 2784 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:00:28.0477 2784 Beep - ok
21:00:28.0539 2784 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:00:28.0602 2784 blbdrive - ok
21:00:28.0649 2784 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
21:00:28.0695 2784 bowser - ok
21:00:28.0727 2784 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:00:28.0773 2784 BrFiltLo - ok
21:00:28.0773 2784 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:00:28.0806 2784 BrFiltUp - ok
21:00:28.0852 2784 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:00:28.0921 2784 Brserid - ok
21:00:28.0936 2784 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:00:28.0983 2784 BrSerWdm - ok
21:00:28.0992 2784 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:00:29.0037 2784 BrUsbMdm - ok
21:00:29.0047 2784 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:00:29.0069 2784 BrUsbSer - ok
21:00:29.0130 2784 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
21:00:29.0199 2784 BthEnum - ok
21:00:29.0231 2784 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:00:29.0278 2784 BTHMODEM - ok
21:00:29.0278 2784 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
21:00:29.0322 2784 BthPan - ok
21:00:29.0382 2784 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
21:00:29.0458 2784 BTHPORT - ok
21:00:29.0536 2784 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
21:00:29.0586 2784 BTHUSB - ok
21:00:29.0748 2784 catchme - ok
21:00:29.0843 2784 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:00:29.0922 2784 cdfs - ok
21:00:29.0969 2784 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
21:00:30.0000 2784 cdrom - ok
21:00:30.0078 2784 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:00:30.0140 2784 circlass - ok
21:00:30.0218 2784 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:00:30.0249 2784 CLFS - ok
21:00:30.0374 2784 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:00:30.0421 2784 CmBatt - ok
21:00:30.0437 2784 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
21:00:30.0452 2784 cmdide - ok
21:00:30.0499 2784 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
21:00:30.0546 2784 CNG - ok
21:00:30.0577 2784 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:00:30.0593 2784 Compbatt - ok
21:00:30.0608 2784 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:00:30.0655 2784 CompositeBus - ok
21:00:30.0702 2784 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:00:30.0717 2784 crcdisk - ok
21:00:30.0811 2784 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
21:00:30.0889 2784 DfsC - ok
21:00:30.0920 2784 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:00:30.0998 2784 discache - ok
21:00:31.0045 2784 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:00:31.0061 2784 Disk - ok
21:00:31.0092 2784 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:00:31.0139 2784 drmkaud - ok
21:00:31.0201 2784 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
21:00:31.0232 2784 DXGKrnl - ok
21:00:31.0341 2784 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:00:31.0482 2784 ebdrv - ok
21:00:31.0575 2784 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:00:31.0622 2784 elxstor - ok
21:00:31.0622 2784 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
21:00:31.0669 2784 ErrDev - ok
21:00:31.0716 2784 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys
21:00:31.0747 2784 ETD - ok
21:00:31.0794 2784 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:00:31.0856 2784 exfat - ok
21:00:31.0887 2784 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:00:31.0950 2784 fastfat - ok
21:00:31.0981 2784 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:00:32.0012 2784 fdc - ok
21:00:32.0043 2784 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:00:32.0059 2784 FileInfo - ok
21:00:32.0075 2784 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:00:32.0168 2784 Filetrace - ok
21:00:32.0199 2784 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:00:32.0231 2784 flpydisk - ok
21:00:32.0262 2784 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
21:00:32.0277 2784 FltMgr - ok
21:00:32.0293 2784 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:00:32.0309 2784 FsDepends - ok
21:00:32.0355 2784 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
21:00:32.0371 2784 fssfltr - ok
21:00:32.0418 2784 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:00:32.0449 2784 Fs_Rec - ok
21:00:32.0527 2784 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:00:32.0558 2784 fvevol - ok
21:00:32.0605 2784 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:00:32.0621 2784 gagp30kx - ok
21:00:32.0683 2784 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:00:32.0699 2784 GEARAspiWDM - ok
21:00:32.0761 2784 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:00:32.0808 2784 hcw85cir - ok
21:00:32.0839 2784 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
21:00:32.0901 2784 HdAudAddService - ok
21:00:32.0948 2784 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:00:33.0011 2784 HDAudBus - ok
21:00:33.0011 2784 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:00:33.0042 2784 HidBatt - ok
21:00:33.0058 2784 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:00:33.0073 2784 HidBth - ok
21:00:33.0104 2784 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:00:33.0151 2784 HidIr - ok
21:00:33.0198 2784 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
21:00:33.0214 2784 HidUsb - ok
21:00:33.0260 2784 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
21:00:33.0276 2784 HpSAMD - ok
21:00:33.0307 2784 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
21:00:33.0385 2784 HTTP - ok
21:00:33.0401 2784 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
21:00:33.0416 2784 hwpolicy - ok
21:00:33.0432 2784 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:00:33.0448 2784 i8042prt - ok
21:00:33.0494 2784 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
21:00:33.0510 2784 iaStor - ok
21:00:33.0557 2784 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
21:00:33.0588 2784 iaStorV - ok
21:00:33.0869 2784 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:00:34.0259 2784 igfx - ok
21:00:34.0306 2784 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:00:34.0321 2784 iirsp - ok
21:00:34.0462 2784 IntcAzAudAddService (3e3926f4fa7c9162c5c3ec6bf1e4f349) C:\Windows\system32\drivers\RTKVHD64.sys
21:00:34.0571 2784 IntcAzAudAddService - ok
21:00:34.0633 2784 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:00:34.0680 2784 IntcDAud - ok
21:00:34.0711 2784 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
21:00:34.0711 2784 intelide - ok
21:00:34.0758 2784 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:00:34.0805 2784 intelppm - ok
21:00:34.0836 2784 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:00:34.0914 2784 IpFilterDriver - ok
21:00:34.0930 2784 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:00:34.0945 2784 IPMIDRV - ok
21:00:34.0961 2784 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:00:34.0992 2784 IPNAT - ok
21:00:35.0039 2784 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:00:35.0148 2784 IRENUM - ok
21:00:35.0148 2784 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
21:00:35.0164 2784 isapnp - ok
21:00:35.0195 2784 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
21:00:35.0210 2784 iScsiPrt - ok
21:00:35.0242 2784 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:00:35.0242 2784 kbdclass - ok
21:00:35.0257 2784 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
21:00:35.0304 2784 kbdhid - ok
21:00:35.0366 2784 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
21:00:35.0382 2784 kbfiltr - ok
21:00:35.0413 2784 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
21:00:35.0429 2784 KSecDD - ok
21:00:35.0460 2784 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
21:00:35.0460 2784 KSecPkg - ok
21:00:35.0491 2784 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:00:35.0554 2784 ksthunk - ok
21:00:35.0600 2784 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:00:35.0694 2784 lltdio - ok
21:00:35.0725 2784 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:00:35.0741 2784 LSI_FC - ok
21:00:35.0772 2784 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:00:35.0772 2784 LSI_SAS - ok
21:00:35.0803 2784 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:00:35.0803 2784 LSI_SAS2 - ok
21:00:35.0819 2784 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:00:35.0834 2784 LSI_SCSI - ok
21:00:35.0850 2784 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:00:35.0912 2784 luafv - ok
21:00:35.0990 2784 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
21:00:36.0022 2784 MBAMProtector - ok
21:00:36.0053 2784 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:00:36.0053 2784 megasas - ok
21:00:36.0084 2784 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:00:36.0100 2784 MegaSR - ok
21:00:36.0131 2784 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys
21:00:36.0146 2784 MEIx64 - ok
21:00:36.0146 2784 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:00:36.0209 2784 Modem - ok
21:00:36.0256 2784 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:00:36.0287 2784 monitor - ok
21:00:36.0318 2784 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:00:36.0334 2784 mouclass - ok
21:00:36.0365 2784 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:00:36.0396 2784 mouhid - ok
21:00:36.0443 2784 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
21:00:36.0443 2784 mountmgr - ok
21:00:36.0458 2784 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
21:00:36.0474 2784 mpio - ok
21:00:36.0505 2784 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:00:36.0568 2784 mpsdrv - ok
21:00:36.0599 2784 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
21:00:36.0646 2784 MRxDAV - ok
21:00:36.0677 2784 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:00:36.0739 2784 mrxsmb - ok
21:00:36.0786 2784 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:00:36.0833 2784 mrxsmb10 - ok
21:00:36.0880 2784 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:00:36.0926 2784 mrxsmb20 - ok
21:00:36.0973 2784 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
21:00:36.0989 2784 msahci - ok
21:00:37.0020 2784 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
21:00:37.0036 2784 msdsm - ok
21:00:37.0067 2784 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:00:37.0114 2784 Msfs - ok
21:00:37.0160 2784 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:00:37.0238 2784 mshidkmdf - ok
21:00:37.0270 2784 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
21:00:37.0270 2784 msisadrv - ok
21:00:37.0316 2784 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:00:37.0363 2784 MSKSSRV - ok
21:00:37.0363 2784 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:00:37.0426 2784 MSPCLOCK - ok
21:00:37.0426 2784 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:00:37.0472 2784 MSPQM - ok
21:00:37.0519 2784 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
21:00:37.0550 2784 MsRPC - ok
21:00:37.0566 2784 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
21:00:37.0582 2784 mssmbios - ok
21:00:37.0582 2784 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:00:37.0628 2784 MSTEE - ok
21:00:37.0628 2784 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:00:37.0675 2784 MTConfig - ok
21:00:37.0691 2784 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:00:37.0706 2784 Mup - ok
21:00:37.0738 2784 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:00:37.0784 2784 NativeWifiP - ok
21:00:37.0847 2784 NDIS (a3151b3463eea7e47f618f115d0d142e) C:\Windows\system32\drivers\ndis.sys
21:00:37.0894 2784 NDIS - ok
21:00:37.0909 2784 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:00:37.0972 2784 NdisCap - ok
21:00:38.0003 2784 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:00:38.0065 2784 NdisTapi - ok
21:00:38.0096 2784 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
21:00:38.0128 2784 Ndisuio - ok
21:00:38.0159 2784 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:00:38.0221 2784 NdisWan - ok
21:00:38.0268 2784 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
21:00:38.0346 2784 NDProxy - ok
21:00:38.0377 2784 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:00:38.0424 2784 NetBIOS - ok
21:00:38.0486 2784 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
21:00:38.0580 2784 NetBT - ok
21:00:38.0627 2784 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:00:38.0642 2784 nfrd960 - ok
21:00:38.0674 2784 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:00:38.0720 2784 Npfs - ok
21:00:38.0736 2784 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:00:38.0814 2784 nsiproxy - ok
21:00:38.0892 2784 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
21:00:38.0986 2784 Ntfs - ok
21:00:39.0001 2784 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:00:39.0064 2784 Null - ok
21:00:39.0391 2784 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:00:39.0797 2784 nvlddmkm - ok
21:00:39.0828 2784 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
21:00:39.0828 2784 nvpciflt - ok
21:00:39.0859 2784 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
21:00:39.0875 2784 nvraid - ok
21:00:39.0906 2784 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
21:00:39.0906 2784 nvstor - ok
21:00:39.0984 2784 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
21:00:39.0984 2784 nv_agp - ok
21:00:40.0000 2784 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
21:00:40.0031 2784 ohci1394 - ok
21:00:40.0078 2784 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:00:40.0109 2784 Parport - ok
21:00:40.0140 2784 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
21:00:40.0156 2784 partmgr - ok
21:00:40.0187 2784 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
21:00:40.0202 2784 pci - ok
21:00:40.0218 2784 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:00:40.0234 2784 pciide - ok
21:00:40.0249 2784 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:00:40.0265 2784 pcmcia - ok
21:00:40.0296 2784 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:00:40.0296 2784 pcw - ok
21:00:40.0327 2784 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:00:40.0390 2784 PEAUTH - ok
21:00:40.0468 2784 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
21:00:40.0561 2784 PptpMiniport - ok
21:00:40.0577 2784 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:00:40.0624 2784 Processor - ok
21:00:40.0655 2784 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
21:00:40.0702 2784 Psched - ok
21:00:40.0780 2784 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:00:40.0873 2784 ql2300 - ok
21:00:40.0873 2784 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:00:40.0889 2784 ql40xx - ok
21:00:40.0904 2784 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:00:40.0982 2784 QWAVEdrv - ok
21:00:41.0014 2784 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:00:41.0060 2784 RasAcd - ok
21:00:41.0107 2784 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:00:41.0201 2784 RasAgileVpn - ok
21:00:41.0232 2784 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:00:41.0263 2784 Rasl2tp - ok
21:00:41.0294 2784 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:00:41.0372 2784 RasPppoe - ok
21:00:41.0388 2784 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:00:41.0482 2784 RasSstp - ok
21:00:41.0513 2784 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
21:00:41.0544 2784 rdbss - ok
21:00:41.0560 2784 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:00:41.0606 2784 rdpbus - ok
21:00:41.0638 2784 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:00:41.0716 2784 RDPCDD - ok
21:00:41.0747 2784 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:00:41.0809 2784 RDPENCDD - ok
21:00:41.0840 2784 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:00:41.0918 2784 RDPREFMP - ok
21:00:41.0934 2784 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
21:00:41.0981 2784 RDPWD - ok
21:00:42.0012 2784 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
21:00:42.0028 2784 rdyboost - ok
21:00:42.0090 2784 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:00:42.0121 2784 RFCOMM - ok
21:00:42.0152 2784 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:00:42.0230 2784 rspndr - ok
21:00:42.0293 2784 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
21:00:42.0308 2784 RSUSBVSTOR - ok
21:00:42.0340 2784 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:00:42.0355 2784 RTL8167 - ok
21:00:42.0386 2784 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
21:00:42.0402 2784 sbp2port - ok
21:00:42.0449 2784 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
21:00:42.0542 2784 scfilter - ok
21:00:42.0574 2784 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:00:42.0667 2784 secdrv - ok
21:00:42.0714 2784 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:00:42.0745 2784 Serenum - ok
21:00:42.0776 2784 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:00:42.0808 2784 Serial - ok
21:00:42.0823 2784 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:00:42.0839 2784 sermouse - ok
21:00:42.0854 2784 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
21:00:42.0886 2784 sffdisk - ok
21:00:42.0901 2784 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:00:42.0932 2784 sffp_mmc - ok
21:00:42.0948 2784 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
21:00:42.0964 2784 sffp_sd - ok
21:00:42.0964 2784 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:00:42.0979 2784 sfloppy - ok
21:00:43.0073 2784 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
21:00:43.0120 2784 Sftfs - ok
21:00:43.0182 2784 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:00:43.0213 2784 Sftplay - ok
21:00:43.0229 2784 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:00:43.0244 2784 Sftredir - ok
21:00:43.0260 2784 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
21:00:43.0260 2784 Sftvol - ok
21:00:43.0307 2784 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
21:00:43.0322 2784 SiSGbeLH - ok
21:00:43.0354 2784 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:00:43.0369 2784 SiSRaid2 - ok
21:00:43.0385 2784 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:00:43.0400 2784 SiSRaid4 - ok
21:00:43.0416 2784 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:00:43.0478 2784 Smb - ok
21:00:43.0510 2784 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:00:43.0525 2784 spldr - ok
21:00:43.0556 2784 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
21:00:43.0619 2784 srv - ok
21:00:43.0650 2784 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
21:00:43.0697 2784 srv2 - ok
21:00:43.0744 2784 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
21:00:43.0775 2784 srvnet - ok
21:00:43.0837 2784 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:00:43.0853 2784 stexstor - ok
21:00:43.0915 2784 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
21:00:43.0946 2784 StillCam - ok
21:00:43.0978 2784 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:00:43.0993 2784 swenum - ok
21:00:44.0102 2784 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
21:00:44.0212 2784 Tcpip - ok
21:00:44.0258 2784 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
21:00:44.0290 2784 TCPIP6 - ok
21:00:44.0321 2784 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
21:00:44.0368 2784 tcpipreg - ok
21:00:44.0399 2784 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:00:44.0461 2784 TDPIPE - ok
21:00:44.0477 2784 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:00:44.0508 2784 TDTCP - ok
21:00:44.0539 2784 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
21:00:44.0602 2784 tdx - ok
21:00:44.0633 2784 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
21:00:44.0633 2784 TermDD - ok
21:00:44.0664 2784 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:00:44.0726 2784 tssecsrv - ok
21:00:44.0773 2784 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
21:00:44.0820 2784 tunnel - ok
21:00:44.0851 2784 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:00:44.0867 2784 uagp35 - ok
21:00:44.0867 2784 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
21:00:44.0929 2784 udfs - ok
21:00:44.0960 2784 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
21:00:44.0992 2784 uliagpkx - ok
21:00:45.0007 2784 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
21:00:45.0054 2784 umbus - ok
21:00:45.0054 2784 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:00:45.0085 2784 UmPass - ok
21:00:45.0132 2784 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
21:00:45.0194 2784 usbccgp - ok
21:00:45.0226 2784 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
21:00:45.0257 2784 usbcir - ok
21:00:45.0288 2784 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
21:00:45.0335 2784 usbehci - ok
21:00:45.0366 2784 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
21:00:45.0413 2784 usbhub - ok
21:00:45.0460 2784 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
21:00:45.0506 2784 usbohci - ok
21:00:45.0538 2784 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:00:45.0584 2784 usbprint - ok
21:00:45.0616 2784 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:00:45.0694 2784 USBSTOR - ok
21:00:45.0725 2784 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
21:00:45.0772 2784 usbuhci - ok
21:00:45.0803 2784 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
21:00:45.0865 2784 usbvideo - ok
21:00:45.0896 2784 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
21:00:45.0912 2784 vdrvroot - ok
21:00:45.0943 2784 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:00:45.0959 2784 vga - ok
21:00:45.0990 2784 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:00:46.0052 2784 VgaSave - ok
21:00:46.0052 2784 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
21:00:46.0068 2784 vhdmp - ok
21:00:46.0084 2784 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
21:00:46.0084 2784 viaide - ok
21:00:46.0115 2784 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
21:00:46.0130 2784 volmgr - ok
21:00:46.0146 2784 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
21:00:46.0162 2784 volmgrx - ok
21:00:46.0193 2784 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
21:00:46.0208 2784 volsnap - ok
21:00:46.0255 2784 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:00:46.0271 2784 vsmraid - ok
21:00:46.0286 2784 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:00:46.0318 2784 vwifibus - ok
21:00:46.0349 2784 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:00:46.0380 2784 vwififlt - ok
21:00:46.0442 2784 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:00:46.0489 2784 WacomPen - ok
21:00:46.0520 2784 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:00:46.0583 2784 WANARP - ok
21:00:46.0598 2784 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:00:46.0630 2784 Wanarpv6 - ok
21:00:46.0692 2784 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:00:46.0692 2784 Wd - ok
21:00:46.0723 2784 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:00:46.0754 2784 Wdf01000 - ok
21:00:46.0786 2784 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:00:46.0832 2784 WfpLwf - ok
21:00:46.0895 2784 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
21:00:46.0910 2784 WimFltr - ok
21:00:46.0942 2784 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:00:46.0957 2784 WIMMount - ok
21:00:47.0020 2784 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:00:47.0051 2784 WmiAcpi - ok
21:00:47.0098 2784 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:00:47.0144 2784 ws2ifsl - ok
21:00:47.0176 2784 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
21:00:47.0254 2784 WudfPf - ok
21:00:47.0269 2784 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:00:47.0316 2784 WUDFRd - ok
21:00:47.0363 2784 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:00:47.0456 2784 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:00:47.0456 2784 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:00:47.0472 2784 Boot (0x1200) (36f051b353f0e2e5b500817ef97c9750) \Device\Harddisk0\DR0\Partition0
21:00:47.0472 2784 \Device\Harddisk0\DR0\Partition0 - ok
21:00:47.0488 2784 Boot (0x1200) (8558885ac146a853f9aa57c214e29368) \Device\Harddisk0\DR0\Partition1
21:00:47.0488 2784 \Device\Harddisk0\DR0\Partition1 - ok
21:00:47.0488 2784 ============================================================
21:00:47.0488 2784 Scan finished
21:00:47.0488 2784 ============================================================
21:00:47.0534 5288 Detected object count: 1
21:00:47.0534 5288 Actual detected object count: 1
21:01:57.0993 5288 \Device\Harddisk0\DR0\TDLFS - deleted
21:01:57.0993 5288 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

Zitat:

21:01:57.0993 5288 \Device\Harddisk0\DR0\TDLFS - deleted
21:01:57.0993 5288 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

Ok, ist nun gelöscht. Mach bitte ein neues Log mit dem TDSS-Killer und poste es.

okay, heißt das mein laptop ist jetzt komplett frei von viren? :)

21:31:34.0485 6932 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
21:31:34.0813 6932 ============================================================
21:31:34.0813 6932 Current date / time: 2011/11/15 21:31:34.0813
21:31:34.0813 6932 SystemInfo:
21:31:34.0813 6932
21:31:34.0813 6932 OS Version: 6.1.7600 ServicePack: 0.0
21:31:34.0813 6932 Product type: Workstation
21:31:34.0813 6932 ComputerName: THERESA-PC
21:31:34.0813 6932 UserName: Theresa
21:31:34.0813 6932 Windows directory: C:\Windows
21:31:34.0813 6932 System windows directory: C:\Windows
21:31:34.0813 6932 Running under WOW64
21:31:34.0813 6932 Processor architecture: Intel x64
21:31:34.0813 6932 Number of processors: 4
21:31:34.0813 6932 Page size: 0x1000
21:31:34.0813 6932 Boot type: Normal boot
21:31:34.0813 6932 ============================================================
21:31:35.0421 6932 Initialize success
21:31:42.0129 6644 ============================================================
21:31:42.0129 6644 Scan started
21:31:42.0129 6644 Mode: Manual; SigCheck; TDLFS;
21:31:42.0129 6644 ============================================================
21:31:43.0075 6644 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
21:31:43.0239 6644 1394ohci - ok
21:31:43.0353 6644 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
21:31:43.0389 6644 ACPI - ok
21:31:43.0433 6644 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
21:31:43.0543 6644 AcpiPmi - ok
21:31:43.0706 6644 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:31:43.0750 6644 adp94xx - ok
21:31:43.0771 6644 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:31:43.0818 6644 adpahci - ok
21:31:43.0868 6644 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:31:43.0886 6644 adpu320 - ok
21:31:43.0970 6644 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
21:31:44.0104 6644 AFD - ok
21:31:44.0171 6644 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
21:31:44.0187 6644 agp440 - ok
21:31:44.0233 6644 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
21:31:44.0265 6644 aliide - ok
21:31:44.0311 6644 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
21:31:44.0327 6644 amdide - ok
21:31:44.0343 6644 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:31:44.0421 6644 AmdK8 - ok
21:31:44.0436 6644 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:31:44.0530 6644 AmdPPM - ok
21:31:44.0592 6644 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
21:31:44.0623 6644 amdsata - ok
21:31:44.0639 6644 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:31:44.0670 6644 amdsbs - ok
21:31:44.0717 6644 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
21:31:44.0748 6644 amdxata - ok
21:31:44.0826 6644 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
21:31:44.0967 6644 AppID - ok
21:31:45.0013 6644 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:31:45.0029 6644 arc - ok
21:31:45.0045 6644 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:31:45.0076 6644 arcsas - ok
21:31:45.0201 6644 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
21:31:45.0247 6644 ASMMAP64 - ok
21:31:45.0279 6644 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:31:45.0497 6644 AsyncMac - ok
21:31:45.0528 6644 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
21:31:45.0559 6644 atapi - ok
21:31:45.0637 6644 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
21:31:45.0731 6644 athr - ok
21:31:45.0871 6644 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
21:31:45.0887 6644 ATKWMIACPIIO - ok
21:31:46.0027 6644 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
21:31:46.0043 6644 avgntflt - ok
21:31:46.0074 6644 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
21:31:46.0105 6644 avipbb - ok
21:31:46.0121 6644 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:31:46.0137 6644 avkmgr - ok
21:31:46.0215 6644 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:31:46.0308 6644 b06bdrv - ok
21:31:46.0355 6644 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:31:46.0417 6644 b57nd60a - ok
21:31:46.0464 6644 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:31:46.0542 6644 Beep - ok
21:31:46.0605 6644 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:31:46.0667 6644 blbdrive - ok
21:31:46.0745 6644 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
21:31:46.0823 6644 bowser - ok
21:31:46.0870 6644 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:31:46.0932 6644 BrFiltLo - ok
21:31:46.0932 6644 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:31:46.0979 6644 BrFiltUp - ok
21:31:47.0010 6644 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:31:47.0073 6644 Brserid - ok
21:31:47.0119 6644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:31:47.0182 6644 BrSerWdm - ok
21:31:47.0213 6644 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:31:47.0275 6644 BrUsbMdm - ok
21:31:47.0291 6644 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:31:47.0322 6644 BrUsbSer - ok
21:31:47.0385 6644 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
21:31:47.0463 6644 BthEnum - ok
21:31:47.0463 6644 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:31:47.0525 6644 BTHMODEM - ok
21:31:47.0541 6644 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
21:31:47.0603 6644 BthPan - ok
21:31:47.0665 6644 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
21:31:47.0743 6644 BTHPORT - ok
21:31:47.0790 6644 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
21:31:47.0837 6644 BTHUSB - ok
21:31:47.0899 6644 catchme - ok
21:31:47.0962 6644 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:31:48.0055 6644 cdfs - ok
21:31:48.0102 6644 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
21:31:48.0165 6644 cdrom - ok
21:31:48.0211 6644 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:31:48.0289 6644 circlass - ok
21:31:48.0336 6644 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:31:48.0367 6644 CLFS - ok
21:31:48.0492 6644 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:31:48.0539 6644 CmBatt - ok
21:31:48.0586 6644 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
21:31:48.0601 6644 cmdide - ok
21:31:48.0679 6644 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
21:31:48.0773 6644 CNG - ok
21:31:48.0820 6644 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:31:48.0851 6644 Compbatt - ok
21:31:48.0867 6644 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:31:48.0913 6644 CompositeBus - ok
21:31:48.0960 6644 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:31:48.0991 6644 crcdisk - ok
21:31:49.0085 6644 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
21:31:49.0163 6644 DfsC - ok
21:31:49.0194 6644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:31:49.0303 6644 discache - ok
21:31:49.0350 6644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:31:49.0366 6644 Disk - ok
21:31:49.0397 6644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:31:49.0459 6644 drmkaud - ok
21:31:49.0537 6644 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
21:31:49.0600 6644 DXGKrnl - ok
21:31:49.0709 6644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:31:49.0865 6644 ebdrv - ok
21:31:49.0959 6644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:31:50.0005 6644 elxstor - ok
21:31:50.0021 6644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
21:31:50.0068 6644 ErrDev - ok
21:31:50.0146 6644 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys
21:31:50.0177 6644 ETD - ok
21:31:50.0208 6644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:31:50.0333 6644 exfat - ok
21:31:50.0364 6644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:31:50.0473 6644 fastfat - ok
21:31:50.0505 6644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:31:50.0567 6644 fdc - ok
21:31:50.0614 6644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:31:50.0629 6644 FileInfo - ok
21:31:50.0661 6644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:31:50.0754 6644 Filetrace - ok
21:31:50.0770 6644 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:31:50.0832 6644 flpydisk - ok
21:31:50.0863 6644 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
21:31:50.0879 6644 FltMgr - ok
21:31:50.0910 6644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:31:50.0926 6644 FsDepends - ok
21:31:50.0973 6644 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
21:31:50.0988 6644 fssfltr - ok
21:31:51.0035 6644 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:31:51.0066 6644 Fs_Rec - ok
21:31:51.0129 6644 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:31:51.0160 6644 fvevol - ok
21:31:51.0207 6644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:31:51.0222 6644 gagp30kx - ok
21:31:51.0285 6644 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:31:51.0316 6644 GEARAspiWDM - ok
21:31:51.0378 6644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:31:51.0441 6644 hcw85cir - ok
21:31:51.0472 6644 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
21:31:51.0550 6644 HdAudAddService - ok
21:31:51.0612 6644 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:31:51.0706 6644 HDAudBus - ok
21:31:51.0721 6644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:31:51.0784 6644 HidBatt - ok
21:31:51.0815 6644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:31:51.0877 6644 HidBth - ok
21:31:51.0893 6644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:31:51.0940 6644 HidIr - ok
21:31:51.0987 6644 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
21:31:52.0033 6644 HidUsb - ok
21:31:52.0080 6644 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
21:31:52.0127 6644 HpSAMD - ok
21:31:52.0174 6644 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
21:31:52.0283 6644 HTTP - ok
21:31:52.0299 6644 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
21:31:52.0330 6644 hwpolicy - ok
21:31:52.0345 6644 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:31:52.0377 6644 i8042prt - ok
21:31:52.0439 6644 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
21:31:52.0470 6644 iaStor - ok
21:31:52.0517 6644 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
21:31:52.0564 6644 iaStorV - ok
21:31:52.0860 6644 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:31:53.0344 6644 igfx - ok
21:31:53.0406 6644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:31:53.0422 6644 iirsp - ok
21:31:53.0593 6644 IntcAzAudAddService (3e3926f4fa7c9162c5c3ec6bf1e4f349) C:\Windows\system32\drivers\RTKVHD64.sys
21:31:53.0718 6644 IntcAzAudAddService - ok
21:31:53.0765 6644 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:31:53.0843 6644 IntcDAud - ok
21:31:53.0874 6644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
21:31:53.0905 6644 intelide - ok
21:31:53.0937 6644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:31:53.0983 6644 intelppm - ok
21:31:54.0015 6644 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:31:54.0124 6644 IpFilterDriver - ok
21:31:54.0139 6644 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:31:54.0171 6644 IPMIDRV - ok
21:31:54.0186 6644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:31:54.0249 6644 IPNAT - ok
21:31:54.0280 6644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:31:54.0373 6644 IRENUM - ok
21:31:54.0389 6644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
21:31:54.0405 6644 isapnp - ok
21:31:54.0467 6644 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
21:31:54.0498 6644 iScsiPrt - ok
21:31:54.0529 6644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:31:54.0561 6644 kbdclass - ok
21:31:54.0607 6644 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
21:31:54.0685 6644 kbdhid - ok
21:31:54.0779 6644 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
21:31:54.0795 6644 kbfiltr - ok
21:31:54.0826 6644 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
21:31:54.0857 6644 KSecDD - ok
21:31:54.0888 6644 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
21:31:54.0919 6644 KSecPkg - ok
21:31:54.0935 6644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:31:55.0044 6644 ksthunk - ok
21:31:55.0122 6644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:31:55.0216 6644 lltdio - ok
21:31:55.0278 6644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:31:55.0294 6644 LSI_FC - ok
21:31:55.0325 6644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:31:55.0341 6644 LSI_SAS - ok
21:31:55.0356 6644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:31:55.0372 6644 LSI_SAS2 - ok
21:31:55.0387 6644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:31:55.0403 6644 LSI_SCSI - ok
21:31:55.0434 6644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:31:55.0528 6644 luafv - ok
21:31:55.0621 6644 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
21:31:55.0637 6644 MBAMProtector - ok
21:31:55.0684 6644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:31:55.0699 6644 megasas - ok
21:31:55.0731 6644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:31:55.0762 6644 MegaSR - ok
21:31:55.0793 6644 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\Windows\system32\DRIVERS\HECIx64.sys
21:31:55.0809 6644 MEIx64 - ok
21:31:55.0824 6644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:31:55.0887 6644 Modem - ok
21:31:55.0933 6644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:31:55.0980 6644 monitor - ok
21:31:56.0043 6644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:31:56.0058 6644 mouclass - ok
21:31:56.0089 6644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:31:56.0136 6644 mouhid - ok
21:31:56.0183 6644 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
21:31:56.0199 6644 mountmgr - ok
21:31:56.0230 6644 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
21:31:56.0245 6644 mpio - ok
21:31:56.0277 6644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:31:56.0370 6644 mpsdrv - ok
21:31:56.0386 6644 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
21:31:56.0417 6644 MRxDAV - ok
21:31:56.0464 6644 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:31:56.0526 6644 mrxsmb - ok
21:31:56.0557 6644 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:31:56.0620 6644 mrxsmb10 - ok
21:31:56.0651 6644 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:31:56.0682 6644 mrxsmb20 - ok
21:31:56.0713 6644 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
21:31:56.0729 6644 msahci - ok
21:31:56.0807 6644 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
21:31:56.0823 6644 msdsm - ok
21:31:56.0885 6644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:31:56.0979 6644 Msfs - ok
21:31:57.0010 6644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:31:57.0119 6644 mshidkmdf - ok
21:31:57.0150 6644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
21:31:57.0150 6644 msisadrv - ok
21:31:57.0213 6644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:31:57.0275 6644 MSKSSRV - ok
21:31:57.0291 6644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:31:57.0353 6644 MSPCLOCK - ok
21:31:57.0369 6644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:31:57.0415 6644 MSPQM - ok
21:31:57.0462 6644 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
21:31:57.0478 6644 MsRPC - ok
21:31:57.0493 6644 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
21:31:57.0509 6644 mssmbios - ok
21:31:57.0525 6644 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:31:57.0571 6644 MSTEE - ok
21:31:57.0587 6644 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:31:57.0618 6644 MTConfig - ok
21:31:57.0634 6644 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:31:57.0649 6644 Mup - ok
21:31:57.0696 6644 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:31:57.0759 6644 NativeWifiP - ok
21:31:57.0837 6644 NDIS (a3151b3463eea7e47f618f115d0d142e) C:\Windows\system32\drivers\ndis.sys
21:31:57.0899 6644 NDIS - ok
21:31:57.0930 6644 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:31:58.0008 6644 NdisCap - ok
21:31:58.0039 6644 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:31:58.0133 6644 NdisTapi - ok
21:31:58.0180 6644 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
21:31:58.0258 6644 Ndisuio - ok
21:31:58.0273 6644 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:31:58.0336 6644 NdisWan - ok
21:31:58.0383 6644 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
21:31:58.0476 6644 NDProxy - ok
21:31:58.0539 6644 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:31:58.0632 6644 NetBIOS - ok
21:31:58.0679 6644 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
21:31:58.0757 6644 NetBT - ok
21:31:58.0819 6644 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:31:58.0851 6644 nfrd960 - ok
21:31:58.0882 6644 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:31:58.0975 6644 Npfs - ok
21:31:58.0991 6644 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:31:59.0069 6644 nsiproxy - ok
21:31:59.0163 6644 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
21:31:59.0256 6644 Ntfs - ok
21:31:59.0287 6644 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:31:59.0365 6644 Null - ok
21:31:59.0771 6644 nvlddmkm (d5dea2c1865cab9ee6aa29cf9e79a2ce) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:32:00.0255 6644 nvlddmkm - ok
21:32:00.0270 6644 nvpciflt (5ef70f7714c664bcf50edfc141dea9b8) C:\Windows\system32\DRIVERS\nvpciflt.sys
21:32:00.0286 6644 nvpciflt - ok
21:32:00.0317 6644 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
21:32:00.0333 6644 nvraid - ok
21:32:00.0364 6644 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
21:32:00.0379 6644 nvstor - ok
21:32:00.0442 6644 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
21:32:00.0473 6644 nv_agp - ok
21:32:00.0489 6644 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
21:32:00.0535 6644 ohci1394 - ok
21:32:00.0598 6644 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:32:00.0660 6644 Parport - ok
21:32:00.0691 6644 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
21:32:00.0707 6644 partmgr - ok
21:32:00.0738 6644 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
21:32:00.0769 6644 pci - ok
21:32:00.0801 6644 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:32:00.0816 6644 pciide - ok
21:32:00.0847 6644 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:32:00.0879 6644 pcmcia - ok
21:32:00.0894 6644 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:32:00.0910 6644 pcw - ok
21:32:00.0941 6644 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:32:01.0035 6644 PEAUTH - ok
21:32:01.0128 6644 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
21:32:01.0222 6644 PptpMiniport - ok
21:32:01.0237 6644 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:32:01.0284 6644 Processor - ok
21:32:01.0331 6644 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
21:32:01.0425 6644 Psched - ok
21:32:01.0487 6644 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:32:01.0581 6644 ql2300 - ok
21:32:01.0581 6644 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:32:01.0596 6644 ql40xx - ok
21:32:01.0627 6644 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:32:01.0690 6644 QWAVEdrv - ok
21:32:01.0705 6644 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:32:01.0768 6644 RasAcd - ok
21:32:01.0815 6644 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:32:01.0908 6644 RasAgileVpn - ok
21:32:01.0955 6644 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:32:02.0002 6644 Rasl2tp - ok
21:32:02.0049 6644 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:32:02.0158 6644 RasPppoe - ok
21:32:02.0189 6644 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:32:02.0251 6644 RasSstp - ok
21:32:02.0283 6644 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
21:32:02.0345 6644 rdbss - ok
21:32:02.0376 6644 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:32:02.0423 6644 rdpbus - ok
21:32:02.0439 6644 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:32:02.0517 6644 RDPCDD - ok
21:32:02.0563 6644 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:32:02.0657 6644 RDPENCDD - ok
21:32:02.0688 6644 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:32:02.0782 6644 RDPREFMP - ok
21:32:02.0797 6644 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
21:32:02.0860 6644 RDPWD - ok
21:32:02.0891 6644 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
21:32:02.0922 6644 rdyboost - ok
21:32:02.0985 6644 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:32:03.0031 6644 RFCOMM - ok
21:32:03.0080 6644 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:32:03.0180 6644 rspndr - ok
21:32:03.0245 6644 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
21:32:03.0275 6644 RSUSBVSTOR - ok
21:32:03.0332 6644 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:32:03.0365 6644 RTL8167 - ok
21:32:03.0396 6644 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
21:32:03.0419 6644 sbp2port - ok
21:32:03.0479 6644 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
21:32:03.0583 6644 scfilter - ok
21:32:03.0630 6644 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:32:03.0728 6644 secdrv - ok
21:32:03.0767 6644 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:32:03.0806 6644 Serenum - ok
21:32:03.0818 6644 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:32:03.0863 6644 Serial - ok
21:32:03.0873 6644 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:32:03.0895 6644 sermouse - ok
21:32:03.0919 6644 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
21:32:03.0972 6644 sffdisk - ok
21:32:03.0972 6644 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:32:04.0027 6644 sffp_mmc - ok
21:32:04.0039 6644 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
21:32:04.0063 6644 sffp_sd - ok
21:32:04.0074 6644 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:32:04.0109 6644 sfloppy - ok
21:32:04.0187 6644 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
21:32:04.0249 6644 Sftfs - ok
21:32:04.0296 6644 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:32:04.0327 6644 Sftplay - ok
21:32:04.0343 6644 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:32:04.0358 6644 Sftredir - ok
21:32:04.0390 6644 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
21:32:04.0405 6644 Sftvol - ok
21:32:04.0468 6644 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
21:32:04.0499 6644 SiSGbeLH - ok
21:32:04.0530 6644 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:32:04.0546 6644 SiSRaid2 - ok
21:32:04.0561 6644 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:32:04.0577 6644 SiSRaid4 - ok
21:32:04.0592 6644 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:32:04.0686 6644 Smb - ok
21:32:04.0717 6644 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:32:04.0733 6644 spldr - ok
21:32:04.0811 6644 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
21:32:04.0889 6644 srv - ok
21:32:04.0920 6644 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
21:32:04.0982 6644 srv2 - ok
21:32:05.0029 6644 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
21:32:05.0076 6644 srvnet - ok
21:32:05.0138 6644 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:32:05.0154 6644 stexstor - ok
21:32:05.0216 6644 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
21:32:05.0248 6644 StillCam - ok
21:32:05.0279 6644 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:32:05.0310 6644 swenum - ok
21:32:05.0419 6644 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
21:32:05.0528 6644 Tcpip - ok
21:32:05.0560 6644 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
21:32:05.0622 6644 TCPIP6 - ok
21:32:05.0653 6644 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
21:32:05.0731 6644 tcpipreg - ok
21:32:05.0778 6644 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:32:05.0856 6644 TDPIPE - ok
21:32:05.0872 6644 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:32:05.0934 6644 TDTCP - ok
21:32:05.0965 6644 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
21:32:06.0028 6644 tdx - ok
21:32:06.0059 6644 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
21:32:06.0074 6644 TermDD - ok
21:32:06.0121 6644 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:32:06.0199 6644 tssecsrv - ok
21:32:06.0262 6644 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
21:32:06.0308 6644 tunnel - ok
21:32:06.0340 6644 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:32:06.0355 6644 uagp35 - ok
21:32:06.0371 6644 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
21:32:06.0433 6644 udfs - ok
21:32:06.0480 6644 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
21:32:06.0496 6644 uliagpkx - ok
21:32:06.0511 6644 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
21:32:06.0542 6644 umbus - ok
21:32:06.0558 6644 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:32:06.0574 6644 UmPass - ok
21:32:06.0620 6644 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
21:32:06.0683 6644 usbccgp - ok
21:32:06.0714 6644 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
21:32:06.0761 6644 usbcir - ok
21:32:06.0792 6644 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
21:32:06.0854 6644 usbehci - ok
21:32:06.0901 6644 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
21:32:06.0964 6644 usbhub - ok
21:32:07.0010 6644 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
21:32:07.0073 6644 usbohci - ok
21:32:07.0151 6644 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:32:07.0198 6644 usbprint - ok
21:32:07.0244 6644 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:32:07.0307 6644 USBSTOR - ok
21:32:07.0338 6644 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
21:32:07.0385 6644 usbuhci - ok
21:32:07.0447 6644 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
21:32:07.0510 6644 usbvideo - ok
21:32:07.0556 6644 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
21:32:07.0588 6644 vdrvroot - ok
21:32:07.0619 6644 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:32:07.0650 6644 vga - ok
21:32:07.0681 6644 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:32:07.0790 6644 VgaSave - ok
21:32:07.0790 6644 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
21:32:07.0822 6644 vhdmp - ok
21:32:07.0822 6644 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
21:32:07.0837 6644 viaide - ok
21:32:07.0868 6644 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
21:32:07.0884 6644 volmgr - ok
21:32:07.0915 6644 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
21:32:07.0946 6644 volmgrx - ok
21:32:07.0978 6644 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
21:32:07.0993 6644 volsnap - ok
21:32:08.0040 6644 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:32:08.0056 6644 vsmraid - ok
21:32:08.0087 6644 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:32:08.0134 6644 vwifibus - ok
21:32:08.0165 6644 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:32:08.0227 6644 vwififlt - ok
21:32:08.0274 6644 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:32:08.0321 6644 WacomPen - ok
21:32:08.0352 6644 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:32:08.0446 6644 WANARP - ok
21:32:08.0446 6644 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
21:32:08.0508 6644 Wanarpv6 - ok
21:32:08.0602 6644 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:32:08.0633 6644 Wd - ok
21:32:08.0680 6644 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:32:08.0726 6644 Wdf01000 - ok
21:32:08.0773 6644 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:32:08.0820 6644 WfpLwf - ok
21:32:08.0898 6644 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
21:32:08.0914 6644 WimFltr - ok
21:32:08.0945 6644 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:32:08.0976 6644 WIMMount - ok
21:32:09.0070 6644 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:32:09.0116 6644 WmiAcpi - ok
21:32:09.0179 6644 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:32:09.0288 6644 ws2ifsl - ok
21:32:09.0319 6644 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
21:32:09.0413 6644 WudfPf - ok
21:32:09.0444 6644 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:32:09.0538 6644 WUDFRd - ok
21:32:09.0600 6644 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:32:09.0740 6644 \Device\Harddisk0\DR0 - ok
21:32:09.0756 6644 Boot (0x1200) (36f051b353f0e2e5b500817ef97c9750) \Device\Harddisk0\DR0\Partition0
21:32:09.0756 6644 \Device\Harddisk0\DR0\Partition0 - ok
21:32:09.0787 6644 Boot (0x1200) (8558885ac146a853f9aa57c214e29368) \Device\Harddisk0\DR0\Partition1
21:32:09.0787 6644 \Device\Harddisk0\DR0\Partition1 - ok
21:32:09.0787 6644 ============================================================
21:32:09.0787 6644 Scan finished
21:32:09.0787 6644 ============================================================
21:32:09.0803 6652 Detected object count: 0
21:32:09.0803 6652 Actual detected object count: 0

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Combofix Logfile:

Code:

ComboFix 11-11-16.02 - Theresa 16.11.2011  23:55:01.3.4 - x64

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.4008.2334 [GMT -5:00]

ausgeführt von:: c:\users\Theresa\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\svchost.exe

c:\windows\SysWow64\0.26519880160489306.exe

.

---- Vorheriger Suchlauf -------

.

c:\users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\System Restore.lnk

c:\users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\Uninstall System Restore.lnk

c:\users\Theresa\Desktop\Setup.exe

c:\windows\svchost.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_RkHit

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-10-17 bis 2011-11-17  ))))))))))))))))))))))))))))))

.

.

2011-11-17 05:01 . 2011-11-17 05:01        --------        d-----w-        c:\users\User\AppData\Local\temp

2011-11-17 05:01 . 2011-11-17 05:01        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2011-11-17 05:01 . 2011-11-17 05:01        --------        d-----w-        c:\users\Public\AppData\Local\temp

2011-11-17 05:01 . 2011-11-17 05:01        --------        d-----w-        c:\users\Default\AppData\Local\temp

2011-11-17 04:43 . 2011-11-17 04:43        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{25D6DF39-E1F8-473A-A849-42273B6490FE}\offreg.dll

2011-11-16 01:41 . 2011-10-18 06:27        8570192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{25D6DF39-E1F8-473A-A849-42273B6490FE}\mpengine.dll

2011-11-09 17:54 . 2011-10-01 05:28        886784        ----a-w-        c:\program files\Common Files\System\wab32.dll

2011-11-09 17:54 . 2011-10-01 04:43        708608        ----a-w-        c:\program files (x86)\Common Files\System\wab32.dll

2011-11-09 17:54 . 2011-09-29 16:24        1897328        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2011-11-09 17:54 . 2011-09-29 04:09        3141120        ----a-w-        c:\windows\system32\win32k.sys

2011-11-09 01:13 . 2011-11-17 04:40        45056        ----a-w-        c:\windows\system32\acovcnt.exe

2011-11-09 01:10 . 2011-11-09 01:10        --------        d-----w-        C:\_OTL

2011-11-07 21:31 . 2011-11-07 21:31        --------        d-----w-        c:\programdata\RegCure

2011-11-07 21:31 . 2011-11-07 21:33        --------        d-----w-        c:\program files (x86)\RegCure

2011-11-07 17:33 . 2011-11-07 17:33        --------        d-----w-        c:\program files (x86)\ESET

2011-11-01 22:22 . 2011-11-01 22:22        --------        d-sh--w-        c:\windows\SysWow64\%USERPROFILE%

2011-10-29 20:00 . 2011-11-02 01:12        --------        d-----w-        c:\program files\CCleaner

2011-10-29 14:16 . 2011-10-29 14:16        --------        d-----w-        c:\users\User\AppData\Roaming\Avira

2011-10-29 14:07 . 2011-10-29 14:07        --------        d-----w-        c:\users\User\AppData\Roaming\Apple Computer

2011-10-26 03:15 . 2011-08-15 05:08        6144        ----a-w-        c:\program files\Internet Explorer\iecompat.dll

2011-10-26 03:15 . 2011-08-15 04:25        6144        ----a-w-        c:\program files (x86)\Internet Explorer\iecompat.dll

2011-10-20 14:24 . 2011-10-20 14:45        --------        d-----w-        c:\users\Theresa\AppData\Roaming\Download Manager

2011-10-20 13:07 . 2011-11-02 01:11        --------        d-sh--w-        c:\windows\SysWow64\%APPDATA%

2011-10-20 12:42 . 2011-10-20 12:42        --------        d-----w-        c:\windows\Sun

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-01 03:21 . 2011-10-13 21:29        1638912        ----a-w-        c:\windows\system32\mshtml.tlb

2011-10-01 02:59 . 2011-10-13 21:29        1638912        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2011-09-22 18:52 . 2011-09-22 18:53        472808        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2011-09-18 12:39 . 2011-10-12 12:11        130760        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2011-09-16 03:55 . 2011-10-12 12:11        97312        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2011-09-16 03:55 . 2011-10-12 12:11        27760        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2011-09-14 00:05 . 2011-08-01 23:53        404640        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-31 22:00 . 2011-09-25 23:17        25416        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-08-31 03:05 . 2011-08-31 03:05        96104        ----a-w-        c:\windows\system32\dns-sd.exe

2011-08-31 03:05 . 2011-08-31 03:05        85864        ----a-w-        c:\windows\system32\dnssd.dll

2011-08-31 03:05 . 2011-08-31 03:05        61288        ----a-w-        c:\windows\system32\jdns_sd.dll

2011-08-31 03:05 . 2011-08-31 03:05        212840        ----a-w-        c:\windows\system32\dnssdX.dll

2011-08-31 03:05 . 2011-08-31 03:05        83816        ----a-w-        c:\windows\SysWow64\dns-sd.exe

2011-08-31 03:05 . 2011-08-31 03:05        73064        ----a-w-        c:\windows\SysWow64\dnssd.dll

2011-08-31 03:05 . 2011-08-31 03:05        50536        ----a-w-        c:\windows\SysWow64\jdns_sd.dll

2011-08-31 03:05 . 2011-08-31 03:05        178536        ----a-w-        c:\windows\SysWow64\dnssdX.dll

2011-08-27 05:40 . 2011-10-13 21:29        331776        ----a-w-        c:\windows\system32\oleacc.dll

2011-08-27 05:40 . 2011-10-13 21:29        861184        ----a-w-        c:\windows\system32\oleaut32.dll

2011-08-27 04:43 . 2011-10-13 21:29        571904        ----a-w-        c:\windows\SysWow64\oleaut32.dll

2011-08-27 04:43 . 2011-10-13 21:29        233472        ----a-w-        c:\windows\SysWow64\oleacc.dll

2011-08-20 05:45 . 2011-10-13 21:29        1197568        ----a-w-        c:\windows\system32\wininet.dll

2011-08-20 05:41 . 2011-10-13 21:29        57856        ----a-w-        c:\windows\system32\licmgr10.dll

2011-08-20 04:38 . 2011-10-13 21:29        981504        ----a-w-        c:\windows\SysWow64\wininet.dll

2011-08-20 04:35 . 2011-10-13 21:29        44544        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2011-08-20 04:20 . 2011-10-13 21:29        482816        ----a-w-        c:\windows\system32\html.iec

2011-08-20 03:26 . 2011-10-13 21:29        386048        ----a-w-        c:\windows\SysWow64\html.iec

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19550344]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]

"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]

"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]

"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-05 258512]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]

"Malwarebytes' Anti-Malware"="c:\users\Theresa\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

.

c:\users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages        REG_MULTI_SZ           kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]

R2 MBAMService;MBAMService;c:\users\Theresa\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2011-01-12 332272]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [x]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-05 86224]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-22 2009704]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]

.

.

Inhalt des "geplante Tasks" Ordners

.

2011-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]

.

2011-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]

.

2011-11-16 c:\windows\Tasks\RegCure Program Check.job

- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 23:20]

.

2011-11-07 c:\windows\Tasks\RegCure.job

- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 23:20]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

2011-01-12 15:50        750064        ----a-w-        c:\programdata\Partner\Partner64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = 

mStart Page = 

mLocal Page = 

IE: Free YouTube Download - c:\users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Theresa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 192.168.1.1 71.250.0.12

FF - ProfilePath - c:\users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\vo3088lh.default\

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

BHO-{0AE8089F-A64F-4DBA-B96B-5D43F0A60445} - c:\users\Theresa\AppData\Local\NetworkWin32.dll

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-MouseProfileVerifier - (no file)

Wow6432Node-HKCU-Run-Macromedia Update - (no file)

Wow6432Node-HKCU-Run-Clients Update - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd

HKLM-Run-combofix - c:\combofix\CF18716.3XE

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2011-11-17  00:02:55

ComboFix-quarantined-files.txt  2011-11-17 05:02

.

Vor Suchlauf: 16 Verzeichnis(se), 21.039.042.560 Bytes frei

Nach Suchlauf: 16 Verzeichnis(se), 21.024.387.072 Bytes frei

.

- - End Of File - - 275BF19F4634D082A238C692BB7AB8E6

--- --- ---

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Okay, also ich habe die Anwendung runtergeladen, sie geöffnet und dann auf Scan geklickt und genau in dem Moment ist dann mein Laptop abgestürzt und mir wurde wieder ein blue screen angezeigt ' A problem has been detected ...' dabei läuft mein laptop jetzt seit einiger zeit wieder einwandfrei! Ich hab dann neu im abgesicherten modus gestartet und hier ist nun die logdatei.

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-17 08:52:42
-----------------------------
08:52:42.314 OS Version: Windows x64 6.1.7600
08:52:42.314 Number of processors: 4 586 0x2A07
08:52:42.314 ComputerName: THERESA-PC UserName: Theresa
08:52:42.907 Initialize success
08:53:38.085 AVAST engine defs: 11111702
08:53:44.293 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:53:44.293 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
08:53:44.325 Disk 0 MBR read successfully
08:53:44.325 Disk 0 MBR scan
08:53:44.325 Disk 0 Windows 7 default MBR code
08:53:44.325 Service scanning
08:53:46.025 Modules scanning
08:53:46.025 Disk 0 trace - called modules:
08:53:46.056 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
08:53:46.056 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800508f060]
08:53:46.056 3 CLASSPNP.SYS[fffff880013b443f] -> nt!IofCallDriver -> [0xfffffa8004a70c40]
08:53:46.056 5 ACPI.sys[fffff88000f1b781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a74050]
08:53:46.945 AVAST engine scan C:\Windows
08:53:49.051 AVAST engine scan C:\Windows\system32
08:54:56.662 AVAST engine scan C:\Windows\system32\drivers
08:55:03.261 AVAST engine scan C:\Users\Theresa
09:02:49.358 AVAST engine scan C:\ProgramData
09:03:44.208 Scan finished successfully
09:07:07.804 Disk 0 MBR has been saved successfully to "C:\Users\Theresa\Desktop\MBR.dat"
09:07:07.804 The log file has been saved successfully to "C:\Users\Theresa\Desktop\aswMBR.txt"

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

schon mal von Superantispyware
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/27/2011 at 11:22 PM

Application Version : 5.0.1136

Core Rules Database Version : 7988
Trace Rules Database Version: 5800

Scan type : Complete Scan
Total Scan Time : 05:31:20

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 637
Memory threats detected : 0
Registry items scanned : 74764
Registry threats detected : 0
File items scanned : 277454
File threats detected : 672

Adware.Tracking Cookie
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\TBSBS97E.txt [ /pointroll.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\Y6807KVI.txt [ /interclick.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\H91OTQ5U.txt [ /www.burstnet.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\8LZIHRJX.txt [ /crackle.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\X1KUA25I.txt [ /akamai.interclickproxy.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\TQT6SVTW.txt [ /gotacha.rotator.hadj7.adjuggler.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\B2NAKBOM.txt [ /apmebf.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\VFOGF07R.txt [ /t.pointroll.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\6JJG0KXP.txt [ /r1-ads.ace.advertising.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\IY1K03W2.txt [ /getclicky.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\IB39D46W.txt [ /pro-market.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\9BK0QT1A.txt [ /casalemedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\BZ9JDRJM.txt [ /ads.gamersmedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\PHCH0UO4.txt [ /advertising.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\5Z7ZNCPK.txt [ /ads.react2media.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\SO2YEC8T.txt [ /ads.creafi.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\QE7PRNNR.txt [ /vidasco.rotator.hadj7.adjuggler.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\IMAEUEJU.txt [ /lucidmedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\CFDR1A83.txt [ /static.getclicky.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\KZ5Z0WZF.txt [ /doubleclick.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\4ZJB4OQP.txt [ /flatwatermedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\NWTJNHXS.txt [ /myroitracking.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\P6J76SFD.txt [ /in.getclicky.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\8504NLJH.txt [ /ads.undertone.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\FQ8LNFP9.txt [ /ads.blogtalkradio.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\YGC7694X.txt [ /www.crackle.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\SYTXZQAQ.txt [ /content.yieldmanager.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\92XS4UOT.txt [ /adinterax.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\DRC9ZYBF.txt [ /mediaplex.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\BO4C6MUK.txt [ /adjuggler.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\K3JI0IQD.txt [ /media6degrees.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\CCLR2N6V.txt [ /ru4.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\G8QKLEUP.txt [ /hhm.rotator.hadj7.adjuggler.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\0E114DV2.txt [ /atdmt.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\UHV5KRVM.txt [ /fastclick.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\XX8TFEOR.txt [ /ads.adk2.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\GST4T4TD.txt [ /imrworldwide.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\9FWDH0R5.txt [ /adbrite.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\X5HE8S0S.txt [ /dc.tremormedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\Z0UGFUM2.txt [ /realmedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\R6F755A9.txt [ /eyewonder.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\9XL4ULFI.txt [ /tribalfusion.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\E438Q22C.txt [ /insightexpressai.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\O5B5CKWD.txt [ /at.atwola.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\W7V35NWY.txt [ /bizzclick.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\4S5OWFY1.txt [ /clicksor.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\1JSR3VQS.txt [ /ad.yieldmanager.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\XUINVBI4.txt [ /rotator.adjuggler.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\JFBF3W25.txt [ /eyeviewads.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\2KN6P4PQ.txt [ /fls.doubleclick.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\QAG5SFN3.txt [ /a1.interclick.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\KNA6N3IR.txt [ /adserver.adtechus.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\5K42O6Q9.txt [ /247realmedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\MALVHKZ3.txt [ /ads.pubmatic.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\CVUNZHII.txt [ /intermundomedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\09BLQBD0.txt [ /ads.us.e-planning.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\ZFEJWNET.txt [ /questionmarket.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\RT7I4DOV.txt [ /harrenmedianetwork.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\8Q2SQEFW.txt [ /statcounter.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\2823K1R3.txt [ /trafficmp.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\M2L3PZ0A.txt [ /collective-media.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\SXUF7L8Q.txt [ /invitemedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\1JWVQDE3.txt [ /popularscreensavers.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\JZQCAGOM.txt [ /legolas-media.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\ZLGKLIGH.txt [ /burstnet.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\5NR26HW5.txt [ /xm.xtendmedia.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\MEYCBU4N.txt [ /adxpose.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\90CEYQOO.txt [ /ads.pointroll.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\40UEYJ2M.txt [ /zedo.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\0O2KO25J.txt [ /adup.rotator.hadj7.adjuggler.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\50VVIRKI.txt [ /specificclick.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\Q55P1X00.txt [ /fidelity.rotator.hadj7.adjuggler.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\INPAE1VL.txt [ /serving-sys.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\6QXC7T66.txt [ /revsci.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\K9T9HF3A.txt [ /yieldmanager.net ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\PMKMWTNG.txt [ /ads.cpxadroit.com ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\X16WGKJZ.txt [ /adtech.de ]
C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Cookies\B0EZLLAO.txt [ /ghmedia.com ]
C:\USERS\THERESA\AppData\Roaming\Microsoft\Windows\Cookies\ORHBU0Y5.txt [ Cookie:theresa@cpmserver.com/ad/view/ ]
C:\USERS\THERESA\Cookies\TBSBS97E.txt [ Cookie:theresa@pointroll.com/ ]
C:\USERS\THERESA\Cookies\Y6807KVI.txt [ Cookie:theresa@interclick.com/ ]
C:\USERS\THERESA\Cookies\H91OTQ5U.txt [ Cookie:theresa@www.burstnet.com/ ]
C:\USERS\THERESA\Cookies\X1KUA25I.txt [ Cookie:theresa@akamai.interclickproxy.com/ ]
C:\USERS\THERESA\Cookies\TQT6SVTW.txt [ Cookie:theresa@gotacha.rotator.hadj7.adjuggler.net/ ]
C:\USERS\THERESA\Cookies\B2NAKBOM.txt [ Cookie:theresa@apmebf.com/ ]
C:\USERS\THERESA\Cookies\VFOGF07R.txt [ Cookie:theresa@t.pointroll.com/ ]
C:\USERS\THERESA\Cookies\6JJG0KXP.txt [ Cookie:theresa@r1-ads.ace.advertising.com/ ]
C:\USERS\THERESA\Cookies\IY1K03W2.txt [ Cookie:theresa@getclicky.com/ ]
C:\USERS\THERESA\Cookies\IB39D46W.txt [ Cookie:theresa@pro-market.net/ ]
C:\USERS\THERESA\Cookies\BZ9JDRJM.txt [ Cookie:theresa@ads.gamersmedia.com/ ]
C:\USERS\THERESA\Cookies\PHCH0UO4.txt [ Cookie:theresa@advertising.com/ ]
C:\USERS\THERESA\Cookies\5Z7ZNCPK.txt [ Cookie:theresa@ads.react2media.com/ ]
C:\USERS\THERESA\Cookies\QE7PRNNR.txt [ Cookie:theresa@vidasco.rotator.hadj7.adjuggler.net/ ]
C:\USERS\THERESA\Cookies\CFDR1A83.txt [ Cookie:theresa@static.getclicky.com/ ]
C:\USERS\THERESA\Cookies\NWTJNHXS.txt [ Cookie:theresa@myroitracking.com/ ]
C:\USERS\THERESA\Cookies\P6J76SFD.txt [ Cookie:theresa@in.getclicky.com/ ]
C:\USERS\THERESA\Cookies\YGC7694X.txt [ Cookie:theresa@www.crackle.com/ ]
C:\USERS\THERESA\Cookies\ORHBU0Y5.txt [ Cookie:theresa@cpmserver.com/ad/view/ ]
C:\USERS\THERESA\Cookies\SYTXZQAQ.txt [ Cookie:theresa@content.yieldmanager.com/ ]
C:\USERS\THERESA\Cookies\DRC9ZYBF.txt [ Cookie:theresa@mediaplex.com/ ]
C:\USERS\THERESA\Cookies\BO4C6MUK.txt [ Cookie:theresa@adjuggler.net/ ]
C:\USERS\THERESA\Cookies\K3JI0IQD.txt [ Cookie:theresa@media6degrees.com/ ]
C:\USERS\THERESA\Cookies\G8QKLEUP.txt [ Cookie:theresa@hhm.rotator.hadj7.adjuggler.net/ ]
C:\USERS\THERESA\Cookies\0E114DV2.txt [ Cookie:theresa@atdmt.com/ ]
C:\USERS\THERESA\Cookies\UHV5KRVM.txt [ Cookie:theresa@fastclick.net/ ]
C:\USERS\THERESA\Cookies\GST4T4TD.txt [ Cookie:theresa@imrworldwide.com/cgi-bin ]
C:\USERS\THERESA\Cookies\9FWDH0R5.txt [ Cookie:theresa@adbrite.com/ ]
C:\USERS\THERESA\Cookies\X5HE8S0S.txt [ Cookie:theresa@dc.tremormedia.com/ ]
C:\USERS\THERESA\Cookies\Z0UGFUM2.txt [ Cookie:theresa@realmedia.com/ ]
C:\USERS\THERESA\Cookies\R6F755A9.txt [ Cookie:theresa@eyewonder.com/ ]
C:\USERS\THERESA\Cookies\9XL4ULFI.txt [ Cookie:theresa@tribalfusion.com/ ]
C:\USERS\THERESA\Cookies\O5B5CKWD.txt [ Cookie:theresa@at.atwola.com/ ]
C:\USERS\THERESA\Cookies\W7V35NWY.txt [ Cookie:theresa@bizzclick.com/ ]
C:\USERS\THERESA\Cookies\4S5OWFY1.txt [ Cookie:theresa@clicksor.com/ ]
C:\USERS\THERESA\Cookies\1JSR3VQS.txt [ Cookie:theresa@ad.yieldmanager.com/ ]
C:\USERS\THERESA\Cookies\XUINVBI4.txt [ Cookie:theresa@rotator.adjuggler.com/ ]
C:\USERS\THERESA\Cookies\JFBF3W25.txt [ Cookie:theresa@eyeviewads.com/ ]
C:\USERS\THERESA\Cookies\2KN6P4PQ.txt [ Cookie:theresa@fls.doubleclick.net/ ]
C:\USERS\THERESA\Cookies\KNA6N3IR.txt [ Cookie:theresa@adserver.adtechus.com/ ]
C:\USERS\THERESA\Cookies\5K42O6Q9.txt [ Cookie:theresa@247realmedia.com/ ]
C:\USERS\THERESA\Cookies\CVUNZHII.txt [ Cookie:theresa@intermundomedia.com/ ]
C:\USERS\THERESA\Cookies\ZFEJWNET.txt [ Cookie:theresa@questionmarket.com/ ]
C:\USERS\THERESA\Cookies\RT7I4DOV.txt [ Cookie:theresa@harrenmedianetwork.com/ ]
C:\USERS\THERESA\Cookies\8Q2SQEFW.txt [ Cookie:theresa@statcounter.com/ ]
C:\USERS\THERESA\Cookies\2823K1R3.txt [ Cookie:theresa@trafficmp.com/ ]
C:\USERS\THERESA\Cookies\M2L3PZ0A.txt [ Cookie:theresa@collective-media.net/ ]
C:\USERS\THERESA\Cookies\1JWVQDE3.txt [ Cookie:theresa@popularscreensavers.com/ ]
C:\USERS\THERESA\Cookies\ZLGKLIGH.txt [ Cookie:theresa@burstnet.com/ ]
C:\USERS\THERESA\Cookies\5NR26HW5.txt [ Cookie:theresa@xm.xtendmedia.com/ ]
C:\USERS\THERESA\Cookies\MEYCBU4N.txt [ Cookie:theresa@adxpose.com/ ]
C:\USERS\THERESA\Cookies\90CEYQOO.txt [ Cookie:theresa@ads.pointroll.com/ ]
C:\USERS\THERESA\Cookies\40UEYJ2M.txt [ Cookie:theresa@zedo.com/ ]
C:\USERS\THERESA\Cookies\0O2KO25J.txt [ Cookie:theresa@adup.rotator.hadj7.adjuggler.net/ ]
C:\USERS\THERESA\Cookies\50VVIRKI.txt [ Cookie:theresa@specificclick.net/ ]
C:\USERS\THERESA\Cookies\Q55P1X00.txt [ Cookie:theresa@fidelity.rotator.hadj7.adjuggler.net/ ]
C:\USERS\THERESA\Cookies\INPAE1VL.txt [ Cookie:theresa@serving-sys.com/ ]
C:\USERS\THERESA\Cookies\6QXC7T66.txt [ Cookie:theresa@revsci.net/ ]
C:\USERS\THERESA\Cookies\X16WGKJZ.txt [ Cookie:theresa@adtech.de/ ]
convoad.technoratimedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5UPQRVZB ]
ia.media-imdb.com [ C:\USERS\THERESA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5UPQRVZB ]
s0.2mdn.net [ C:\USERS\THERESA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5UPQRVZB ]
secure-us.imrworldwide.com [ C:\USERS\THERESA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5UPQRVZB ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.r1-ads.ace.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.kanoodle.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
track.prd1.netshelter.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
tracking.mlsat02.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
tracking.affiliaxe.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
tracking.affiliaxe.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
tracking.affiliaxe.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ads.gamersmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ads.gamersmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ads.gamersmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.akamai.interclickproxy.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
server.iad.liveperson.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.newlook.112.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.redorbit.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.redorbit.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ads.redorbit.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eset.122.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.rocketbanner.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.rocketbanner.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.rocketbanner.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.euros4click.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.w3counter.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
beacon.dmsinsights.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
beacon.dmsinsights.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
cn.clickable.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
zbox.zanox.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
eas21.emediate.eu [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.movieticketscom.122.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
adserver.valwa.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.osloadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.osloadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
banner.slashcam.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.stats.ilivid.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickthestream.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickthestream.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.clickthestream.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
www.adv-adserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.warnerbros.112.2o7.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.redorbit.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.redorbit.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.redorbit.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
view.atdmt.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.velmedia.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
eas21.emediate.eu [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.nextag.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
www.burstbeacon.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.burstbeacon.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.t.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.t.pointroll.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.megaclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.f.megaclick.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\THERESA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VO3088LH.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.r1-ads.ace.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.velmedia.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.mediabrandsww.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.stats.ilivid.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\02IB17Q7.DEFAULT\COOKIES.SQLITE ]
ad.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
cdn.eyewonder.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
cdn.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
crackle.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
i.adultswim.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
media.heavy.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
media.mtvnservices.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
media.oprah.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
media.scanscout.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
media1.break.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
msnbcmedia.msn.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
s0.2mdn.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
secure-uk.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]
sftrack.searchforce.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KQFBDKBQ ]

soll ich hier die gefundenen sachen löschen?

Sind nur Cookies, kann aber alles weg.

okay :) hier dann jetzt die logdatei von Malwarebytes
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8222

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.11.2011 16:39:28
mbam-log-2011-11-28 (16-39-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|Q:\|)
Durchsuchte Objekte: 478218
Laufzeit: 1 Stunde(n), 10 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Zitat:

Datenbank Version: 8222

Du hast Malwarebytes vorher nicht aktualisiert. Bitte updaten und einen Vollscan machen.